On 2026-07-06 15:15:09 -0400, Greg Wooledge wrote:
> In your bug report, you mention that you didn't want to use
> "echo -n <passphrase>" on a multi-user system.  Presumably, this is
> because you want to avoid having the passphrase visible in "ps" or
> similar process listings.  But echo is a shell builtin, in both bash
> and dash.  Because it's a shell builtin, it will not be visible as a
> process.

Indeed, but I'm wondering whether I can be sure as this is a machine
where I am not the admin. This needs to remain true for at least
10 years, for any /bin/sh that could be used.

Using "tr -d '\n' < file" is probably better.

> That said, "printf %s" is superior to "echo -n", because "echo -n" will
> potentially interpret some of the characters in its argument.  "printf %s"
> is guaranteed not to do so.  And printf is also a shell builtin, in both
> bash and dash, so it's also safe from being listed as a processm, just
> like echo.

I suppose that for a passphrase (thus without control characters),
"echo -n" and "printf %s" are equivalent.

[...]
> Shell variables are stored as C strings, in which the NUL byte marks
> the end of the string.

This is a choice of implementation (zsh does not do that, for instance).
That said, NUL bytes in variables are not portable.

-- 
Vincent Lefèvre <[email protected]> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / Pascaline project (LIP, ENS-Lyon)

Reply via email to