[Python-Dev] [OT] Re: getpass and stdin

Shaya Potter spotter at cs.columbia.edu
Tue Feb 26 20:14:56 CET 2008 

Charles Cazabon wrote:
> Shaya Potter <spotter at cs.columbia.edu> wrote:
>> Leif Walsh wrote:
>>> On Tue, Feb 26, 2008 at 12:43 PM, Shaya Potter <spotter at cs.columbia.edu> wrote:
>>>>  the -p <PASSWD> option is not good on multi user systems
>>>>  the -p <PASSFILE> option is not particularly good on NFS based systems
>>>>  (have to trust every user on every machine with access to NFS share)
>>> You seem somehow both worried about security, yet too lazy to type in
>>> your password.  I think at some point, one of those concerns is going
>>> to have to give.
> 
> That was exactly what I've been telling this user on the getmail mailing list
> for the last week.  Apologies that he's decided to bother you with it.

actually,

1) I am willing to type in the password, which is obvious to anyone who 
can read a simple script.  That just doesn't work for a program you want 
to run in the background to type it in every time.

2) I was trying to understand why python made it's design decision, I 
don't need you apologizing for me trying to understand that (and I do 
ave a better understanding now)

For those who want the background to make up their own minds about why I 
asked.

Charles is the author of a program called getmail that is used for 
fetching email. - generally to fetch email you need a password.

getmail will either read a passowrd in via getpass() or read it from a 
file.  however,  storing the password in a file is out of the question 
in this case (NFS), but reading the password in is fine, I'm not 
concerned with a threat of it being read out of memory.

However, getmail doesn't have a daemon mode, charles recommends using 
the password in a file + cron, which I'd be fine with if I could store 
the password in a file.  However, as I can't, I wanted to daemonize it 
via a script (already posted), that reads in a password from stdin and 
passes it to getmail via its stdout and getmail's stdin.

However, that doesn't work with getpass() which getmail uses, and 
Charles isn't willing to change his program (it's his program he's 
allowed to do with it what he wants).

I cam here after examining the python code and being confused by it and 
wanting to understand the design decision that went into it, as I sort 
of do now as I said in my last real email on the subject "understand the 
eating stdin aspect"

That's it.  Personally, I debated sending this email (don't need to 
waste people's time), but I don't appreciate being called out in public 
as Charles did when in truth while my question was spurred on by getmail 
it was something I was generally interested in understanding as well.

More information about the Python-Dev mailing list