Closed kpcyrd closed 1 year ago
i think i'd honestly rather this be implemented via pinentry than adding additional functionality to rbw - the protocol isn't that complicated and this feels like duplicating a bunch of logic.
i prefer the approach which was just merged in #122, but feel free to open a new issue if something here doesn't work for you!
I guess that also works, I'm surprised it's implemented in shell script though, line 29 breaks if $RBW_PROFILE
contains a %
character, line 27 has a potential injection issue if $RBW_PROFILE
contains '\n
.
This could also be done through the pinentry setting, but having to implement the pinentry protocol would be annoying. This feature allows reading the master password from anything that has a commandline interface, so you could unlock rbw through your desktop environments keyring (that's unlocked during login).
I'm not sure if my error handling code is correct, considering there's IPC between rbw and rbw-agent involved.
This also updates Cargo.lock to make cargo-audit happy.