janlelis
commented
10 years ago Thanks for suggesting. I also had the idea, but I did not need this functionality so much in practice. But I would like to have such feature!
I think, if you (or someone else) wants to implement this, a good way would be to implement it in an extra gem (e.g. "pws-session" or "interactive_pws"). Maybe it also makes sense to implemented this extra gem as a ripl plugin https://github.com/cldwalker/ripl/blob/master/lib/ripl/shell.rb (ripl has a nice api and deals with readline support etc), or at least to get some inspiration from ripl.
It would be nice to cache the password across multiple commands - this was the inspiration of the "multiadd" command I implemented - but sometimes I will be adding passwords in bulk then want to fix a typo, rename a password, remove it, change it, etc. When I am doing password maintenance tasks having to retype the pw multiple times is a pain.
I know the longer the process runs, the higher the danger of an attacker stealing the password out of memory (or it being swapped to disk) since you can't control that stuff in ruby, but as long as the user understands the risk, it seems to me a prompt which lets the user input commands interactively without re-entering the password would be great. The shell could automatically exit after some timeout (10 or 30 seconds) to prevent people from leaving it running when they are not actively using it.
I may try to implement this as well, just throwing the idea out there for discussion.
-Carl