From e8de5a2de78432768b623ea77c620a3a179a7b5f Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Wed, 13 Aug 2014 13:04:17 -0300 Subject: Limitations: clipboard and stdout --- share/man/keyringer.1.mdwn | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'share') diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index 407baaa..cb0c6ba 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -284,6 +284,13 @@ Keyringer currently has the following limitations: so be careful when decrypting secrets and writing them to the disk or other storage media. + Pay special attention that keyringer outputs data to stdout, which could + be easilly spotted by any agent looking directly at you computer screen. + + The xclip action even copies secret data to the X11 clipboard, which can + be accessed by any application running in the user's X11 session, so use + this feature carefully. + # SEE ALSO The *README* file distributed with Keyringer contains full documentation. -- cgit v1.2.3 From cb21ca66b5b3eface2e51914801a54cb1ccb8233 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sat, 16 Aug 2014 17:30:11 -0300 Subject: New action 'cp' --- ChangeLog | 4 +++- share/man/keyringer.1.mdwn | 3 +++ 2 files changed, 6 insertions(+), 1 deletion(-) (limited to 'share') diff --git a/ChangeLog b/ChangeLog index 04cac73..87bf35f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,6 @@ -2014-07-06 - Silvio Rhatto +2014-08-16 - Silvio Rhatto + + New 'cp' action Reset 'expiry' on keyringer_check_expiration, reported and fixed by Jamie (closes #62) diff --git a/share/man/keyringer.1.mdwn b/share/man/keyringer.1.mdwn index cb0c6ba..af098a3 100644 --- a/share/man/keyringer.1.mdwn +++ b/share/man/keyringer.1.mdwn @@ -128,6 +128,9 @@ del <*secret*> rm <*secret*> : Alias for *del* action. +cp <*secret*> <*dest*> +: Copy a secret. + mv <*secret*> <*dest*> : Rename a secret. -- cgit v1.2.3 From bfd718703aac6fe706ee751f232b0e80601913d1 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 15:04:52 -0300 Subject: Moving editors' files to shared folder --- Makefile | 4 ++-- keyringer | 24 +++++++++++++++++------- lib/keyringer/editors/vim | 5 ----- lib/keyringer/functions | 2 +- share/keyringer/editors/vim | 5 +++++ 5 files changed, 25 insertions(+), 15 deletions(-) delete mode 100644 lib/keyringer/editors/vim create mode 100644 share/keyringer/editors/vim (limited to 'share') diff --git a/Makefile b/Makefile index c1e50e9..07513f2 100644 --- a/Makefile +++ b/Makefile @@ -27,8 +27,8 @@ install_lib: $(INSTALL) -D --mode=0755 lib/keyringer/functions $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/functions $(INSTALL) -D --mode=0755 -d lib/keyringer/actions $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/actions $(INSTALL) -D --mode=0755 lib/keyringer/actions/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/actions - $(INSTALL) -D --mode=0755 -d lib/keyringer/editors $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors - $(INSTALL) -D --mode=0644 lib/keyringer/editors/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors + $(INSTALL) -D --mode=0755 -d share/keyringer/editors $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors + $(INSTALL) -D --mode=0644 share/keyringer/editors/* $(DESTDIR)/$(PREFIX)/lib/$(PACKAGE)/editors install_bin: $(INSTALL) -D --mode=0755 keyringer $(DESTDIR)/$(PREFIX)/bin/keyringer diff --git a/keyringer b/keyringer index b8edc8e..a32f15b 100755 --- a/keyringer +++ b/keyringer @@ -149,13 +149,6 @@ ACTION="$2" # Turn off pathname expansion so expansion can work properly set -f -# Export globals for other scripts -export PREFERENCES="`dirname $CONFIG`/$KEYRING" -export KEYRINGER_VERSION -export CONFIG_VERSION -export KEYRING -export CONFIG - # Set functions location if [ -e "`dirname $(readlink -f $0)`/lib/$NAME/functions" ]; then # Development or local installation layout @@ -165,6 +158,15 @@ else LIB="`dirname $(readlink -f $0)`/../lib/$NAME/functions" fi +# Set shared files location +if [ -e "`dirname $(readlink -f $0)`/share/$NAME" ]; then + # Development or local installation layout + SHARE="`dirname $(readlink -f $0)`/share/$NAME" +else + # System installation layout + SHARE="`dirname $(readlink -f $0)`/../share/$NAME" +fi + # Set actions location if [ -e "`dirname $(readlink -f $0)`/lib/$NAME/actions" ]; then # Development or local installation layout @@ -174,6 +176,14 @@ else ACTIONS="`dirname $(readlink -f $0)`/../lib/$NAME/actions" fi +# Export globals for other scripts +export PREFERENCES="`dirname $CONFIG`/$KEYRING" +export KEYRINGER_VERSION +export CONFIG_VERSION +export KEYRING +export CONFIG +export SHARE + # Load functions source "$LIB" || exit 1 diff --git a/lib/keyringer/editors/vim b/lib/keyringer/editors/vim deleted file mode 100644 index 0f877df..0000000 --- a/lib/keyringer/editors/vim +++ /dev/null @@ -1,5 +0,0 @@ -" Use sane defaults for VIM to avoid data leakage -" See https://keyringer.pw/trac/ticket/50 -set nowritebackup -set nobackup -set viminfo="NONE" diff --git a/lib/keyringer/functions b/lib/keyringer/functions index 5dbb6b4..42c047d 100755 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions @@ -287,7 +287,7 @@ function keyringer_set_env { # Avoid viminfo, see https://keyringer.pw/trac/ticket/50 if $EDITOR --help | grep -q -e "^VIM"; then if ! echo $EDITOR | grep -q -- "-i NONE"; then - EDITOR="$EDITOR -S `dirname $LIB`/editors/vim" + EDITOR="$EDITOR -S $SHARE/editors/vim" fi fi diff --git a/share/keyringer/editors/vim b/share/keyringer/editors/vim new file mode 100644 index 0000000..0f877df --- /dev/null +++ b/share/keyringer/editors/vim @@ -0,0 +1,5 @@ +" Use sane defaults for VIM to avoid data leakage +" See https://keyringer.pw/trac/ticket/50 +set nowritebackup +set nobackup +set viminfo="NONE" -- cgit v1.2.3 From 4bc8b8e6fa81c38ce8c76027074feef1c7f69530 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 21 Aug 2014 17:16:45 -0300 Subject: Keyringer 0.3.7 --- ChangeLog | 2 +- keyringer | 2 +- share/man/keyringer.1 | 12 ++++++++++++ 3 files changed, 14 insertions(+), 2 deletions(-) (limited to 'share') diff --git a/ChangeLog b/ChangeLog index cf568c5..683c853 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,4 +1,4 @@ -2014-08-21 - Silvio Rhatto +2014-08-21 - 0.3.7 - Silvio Rhatto Init: just set git user/mail if needed diff --git a/keyringer b/keyringer index b5251b9..059b157 100755 --- a/keyringer +++ b/keyringer @@ -140,7 +140,7 @@ function keyringer_dispatch { # Config NAME="keyringer" -KEYRINGER_VERSION="0.3.6" +KEYRINGER_VERSION="0.3.7" CONFIG_VERSION="0.1" CONFIG_BASE="$HOME/.$NAME" CONFIG="$CONFIG_BASE/config" diff --git a/share/man/keyringer.1 b/share/man/keyringer.1 index 95c236d..82cb520 100644 --- a/share/man/keyringer.1 +++ b/share/man/keyringer.1 @@ -164,6 +164,11 @@ Alias for \f[I]del\f[] action. .RS .RE .TP +.B cp <\f[I]secret\f[]> <\f[I]dest\f[]> +Copy a secret. +.RS +.RE +.TP .B mv <\f[I]secret\f[]> <\f[I]dest\f[]> Rename a secret. .RS @@ -370,6 +375,13 @@ using the \f[I]git\f[] action. Keyringer does not protect data which were not encrypted to a keyring, so be careful when decrypting secrets and writing them to the disk or other storage media. +.PP +Pay special attention that keyringer outputs data to stdout, which could +be easilly spotted by any agent looking directly at you computer screen. +.PP +The xclip action even copies secret data to the X11 clipboard, which can +be accessed by any application running in the user\[aq]s X11 session, so +use this feature carefully. .SH SEE ALSO .PP The \f[I]README\f[] file distributed with Keyringer contains full -- cgit v1.2.3