Closed jesterhodl closed 1 year ago
While it's true that other processes on a computer may sniff user input, I think that blocking the normal cmdline argument input would be contrary to the design of it (and user habits/expectations). Instead, I would recommend that users run the script in a trusted environment, thus limiting the entire attack surface while keeping it easy to use.
Besides, environment variables and other user input techniques are available to a user and they may choose to use them instead (without modification of the BIP39-XOR implementation).
Input at runtime is supported in version 4.0.0.
The script suggests supplying the seed as a cmdline argument. This is not secure, because it's trivial for another process of the same user, or root, to simply get process information, e.g. using the `ps` command.
Command-line arguments are usually visible to all users on the system via utilities like `ps`. This means that anyone who has access to run `ps` could potentially see the secrets.
Command-line arguments might get stored in shell history files, again making them visible to users with appropriate permissions.
Logging systems, monitoring solutions, or other software could inadvertently capture and store the command-line arguments, which may include the sensitive information.
You could use environment variables or ask the user for input at runtime.
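An added example of the two alternatives suggested here (not code from the BIP39-XOR project): the seed is taken from an environment variable or from a no-echo prompt, and any positional argument is refused so the mnemonic never ends up in `argv`. The variable name `BIP39_XOR_SEED` and the `prompt` callback are assumptions for this example.

```python
import os
import sys
from getpass import getpass
from typing import Callable, Mapping, Sequence

# Assumed name for this example; the project defines no such variable.
ENV_VAR = "BIP39_XOR_SEED"

# BIP39 mnemonics are 12, 15, 18, 21 or 24 words long.
VALID_WORD_COUNTS = (12, 15, 18, 21, 24)


class SeedOnCommandLine(ValueError):
    """Raised when a seed is passed as a command-line argument."""


def read_seed(argv: Sequence[str],
              env: Mapping[str, str],
              prompt: Callable[[str], str] = getpass) -> str:
    """Return the mnemonic from the environment or an interactive prompt.

    argv[1:] is refused outright: anything there is readable by other
    processes (ps, /proc/<pid>/cmdline) and may be kept in shell history.
    """
    if len(argv) > 1:
        raise SeedOnCommandLine(
            "do not pass the seed on the command line; "
            f"set {ENV_VAR} or enter it at the prompt")

    seed = env.get(ENV_VAR)
    if seed is None:
        # getpass reads from the controlling terminal without echo, so the
        # words are not written to argv, to the screen or to shell history.
        seed = prompt("BIP39 mnemonic: ")

    words = seed.split()  # normalise stray whitespace / trailing newline
    if len(words) not in VALID_WORD_COUNTS:
        raise ValueError(
            f"expected {VALID_WORD_COUNTS} words, got {len(words)}")
    return " ".join(words)


if __name__ == "__main__":
    try:
        mnemonic = read_seed(sys.argv, os.environ)
    except ValueError as exc:
        sys.exit(f"error: {exc}")
    print(f"read a {len(mnemonic.split())}-word mnemonic")
```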