providing imap_pass but not from ~/.muttrc

Matthias Apitz guru at unixarea.de
Fri Jun 14 08:23:45 UTC 2019


El día Thursday, June 13, 2019 a las 03:19:26PM -0400, Ben Boeckel escribió:

> > $ ssh -At www.unixarea.de imap_pass=abc bash --login
> > Thu Jun 13 20:44:51 CEST 2019
> > ...
> > sh4-5:~$ env | grep imap
> > imap_pass=abc
> 
> I don't think there's any mechanism in mutt. You might be able to have
> `mutt -F <(genmuttrc)` dump it out. It may also be worth just doing `set
> imap_pass=...` inside mutt once it has started.

I think the best generic approach would be to be able to set in .muttrc
something like

set imap_pass="</home/user/named-pipe"

or

set imap_pass="|any-proc"

to read it in from a named pipe (to which you could push it with gpg,
for example) or from the STDOUT of some process.

> 
> However, what's your threat model that having it in the file is not OK
> but the environment is OK? `/proc/foo/environ` is just as readable on
> Linux as muttrc is likely to be.

Correct, but you need a bit more knowledge to read it from /proc/PID/...
as just grepping/stealing the users home dir.

> How are you getting your sendmail password over in order to send email?
> Or is it trusted because it's coming from the ISP's VM?

It's handed over by mutt to /usr/sbin/sendmail ... on the VM locally.

	matthias

-- 
Matthias Apitz, ✉ guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
May, 9: Спаси́бо освободители! Thank you very much, Russian liberators!


More information about the Mutt-users mailing list