perfect_world 0.1.0 → 0.1.1
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +7 -29
- data/bin/pwm +19 -6
- data/lib/perfect_world/version.rb +1 -1
- data.tar.gz.sig +0 -0
- metadata +7 -9
- metadata.gz.sig +0 -0
data/README.md
CHANGED
@@ -21,34 +21,9 @@ This should make it even possible to sync the password "database" between
|
|
21
21
|
machines using Dropbox or other "untrusted" services. (I actually trust
|
22
22
|
Dropbox, but they should not get my passwords.)
|
23
23
|
|
24
|
-
## Concerns
|
25
|
-
|
26
|
-
I am no security expert. Maybe my concerns are no problem at all and there
|
27
|
-
are some other problems i couldn't even think of.
|
28
|
-
|
29
|
-
### Is the config file trusted user input?
|
30
|
-
|
31
|
-
At the moment pwm uses Psych to parse the config file. Given the recent
|
32
|
-
problems with Psych related to arbitrary code execution, my concerns are not
|
33
|
-
unfounded. But if an attacker has access to a config file in my home folder
|
34
|
-
she probably also has access to my private gpg key and can read the whole
|
35
|
-
"database" anyway.
|
36
|
-
|
37
|
-
### The clipboard feature
|
38
|
-
|
39
|
-
pwm has the ability to copy passwords to the users clipboard. It's a very
|
40
|
-
nice feature. You don't have to select/copy the password from the command
|
41
|
-
line, what kinda sucks. But it begs for some questions. What are the different
|
42
|
-
clipboard implementations (xclip, xsel, clip) actually doing with the
|
43
|
-
data? And more important, who can access the data in the clipboard? Well,
|
44
|
-
every programm on the machine i guess, just like pwm. What about the crazy
|
45
|
-
old flash hacks? Are they still working? That would be a huge problem.
|
46
|
-
|
47
24
|
# Install
|
48
25
|
|
49
|
-
|
50
|
-
|
51
|
-
## Dependecies
|
26
|
+
## Dependencies
|
52
27
|
|
53
28
|
You need an installed and set up version of gnupg. It should be available
|
54
29
|
in the package repo of your linux distribution. There are also several ways
|
@@ -83,10 +58,12 @@ Or clone the repo.
|
|
83
58
|
-D, --database [FILE] Prints or sets the used database.
|
84
59
|
-g, --get ID Prints the password for an ID.
|
85
60
|
-G, --generate ID Generates and stores a new passord.
|
61
|
+
--gpgdir DIR Sets the path to the GPG directory.
|
86
62
|
-h, --help Prints this message and exits.
|
87
63
|
-l, --list Lists all passwords.
|
88
64
|
-L, --length [LENGTH] Prints or sets the length of new passwords.
|
89
65
|
-o, --owner [OWNER] Prints or sets the encryption recipient.
|
66
|
+
--version Prints the version and exits.
|
90
67
|
|
91
68
|
## Examples
|
92
69
|
|
@@ -124,9 +101,10 @@ pwm looks for the config file at ```~/.pwmrc``` by default. This can be
|
|
124
101
|
changed with the ```--config``` switch. It contains straight forward Yaml.
|
125
102
|
|
126
103
|
---
|
127
|
-
owner: ushi.
|
128
|
-
length: 64
|
129
|
-
|
104
|
+
owner: ushi@porkbox.net # Used as ecryption recipient by GPG.
|
105
|
+
length: 64 # Length of the generated password.
|
106
|
+
gpgdir: /home/ushi/.gnupg # Path to the GnuPG home dir.
|
107
|
+
database: /home/ushi/.pwm.yml.gpg # Path to the password database.
|
130
108
|
|
131
109
|
# License (MIT)
|
132
110
|
|
data/bin/pwm
CHANGED
@@ -4,8 +4,9 @@ $LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
|
|
4
4
|
|
5
5
|
require 'psych'
|
6
6
|
require 'optparse'
|
7
|
+
require 'gpgme'
|
7
8
|
require 'perfect_world'
|
8
|
-
|
9
|
+
require 'perfect_world/version'
|
9
10
|
|
10
11
|
# Lets parse some options.
|
11
12
|
options = {}
|
@@ -44,6 +45,10 @@ parser = OptionParser.new do |parser|
|
|
44
45
|
options[:generate] = id
|
45
46
|
end
|
46
47
|
|
48
|
+
parser.on('--gpgdir DIR', 'Sets the path to the GPG directory.') do |d|
|
49
|
+
options[:gpgdir] = d
|
50
|
+
end
|
51
|
+
|
47
52
|
parser.on('-h', '--help', 'Prints this message and exits.') do
|
48
53
|
puts parser.help; exit
|
49
54
|
end
|
@@ -60,6 +65,10 @@ parser = OptionParser.new do |parser|
|
|
60
65
|
options[:owner] = o
|
61
66
|
end
|
62
67
|
|
68
|
+
parser.on('--version', 'Prints the version and exits.') do
|
69
|
+
puts 'pwm ' << PerfectWorld::VERSION; exit
|
70
|
+
end
|
71
|
+
|
63
72
|
parser.separator ''
|
64
73
|
parser.separator 'Please report bugs at: http://github.com/ushis/perfect_world/issues'
|
65
74
|
end
|
@@ -71,19 +80,23 @@ rescue OptionParser::ParseError
|
|
71
80
|
exit(1)
|
72
81
|
end
|
73
82
|
|
74
|
-
|
75
|
-
# Load the config file and init the manager.
|
83
|
+
# Load the config file.
|
76
84
|
config = File.expand_path(options.fetch(:config, '~/.pwmrc'))
|
77
85
|
config = File.file?(config) ? Psych.load_file(config) : {}
|
78
86
|
|
79
|
-
|
87
|
+
# Override config with options.
|
88
|
+
[:clipboard, :database, :gpgdir, :length, :owner].each do |option|
|
80
89
|
config[option.to_s] = options.delete(option) unless options[option].nil?
|
81
90
|
end
|
82
91
|
|
83
|
-
|
84
|
-
|
92
|
+
# Set GPG dir.
|
93
|
+
if (dir = config.delete('gpgdir'))
|
94
|
+
GPGME::Engine.home_dir = dir
|
95
|
+
end
|
85
96
|
|
86
97
|
# Action!
|
98
|
+
pwm = PerfectWorld::Manager.new(config)
|
99
|
+
|
87
100
|
options.each do |key, value|
|
88
101
|
case key
|
89
102
|
when :backup then pwm.save(value)
|
data.tar.gz.sig
CHANGED
Binary file
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: perfect_world
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.1.
|
4
|
+
version: 0.1.1
|
5
5
|
prerelease:
|
6
6
|
platform: ruby
|
7
7
|
authors:
|
@@ -36,7 +36,7 @@ cert_chain:
|
|
36
36
|
bjRVQmxyeTVQVzB6ZzY0VEk5L1AzNEFHUXQ2SStUOHMKQnh0dUdkZ0YyMkpt
|
37
37
|
M3ZYbGlySkJJSStvMDdIeDV3ZjJEUGRDMTRKRU1UUVZoRVFkc2ZwbU9ub2Q0
|
38
38
|
SnpLdWRxNwpES1U9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K
|
39
|
-
date: 2013-02-
|
39
|
+
date: 2013-02-03 00:00:00.000000000 Z
|
40
40
|
dependencies:
|
41
41
|
- !ruby/object:Gem::Dependency
|
42
42
|
name: gpgme
|
@@ -78,15 +78,16 @@ executables:
|
|
78
78
|
extensions: []
|
79
79
|
extra_rdoc_files: []
|
80
80
|
files:
|
81
|
-
- lib/perfect_world.rb
|
81
|
+
- lib/perfect_world/store.rb
|
82
82
|
- lib/perfect_world/version.rb
|
83
83
|
- lib/perfect_world/error.rb
|
84
84
|
- lib/perfect_world/manager.rb
|
85
|
-
- lib/perfect_world
|
85
|
+
- lib/perfect_world.rb
|
86
86
|
- bin/pwm
|
87
87
|
- README.md
|
88
88
|
homepage: http://github.com/ushis/perfect_world
|
89
|
-
licenses:
|
89
|
+
licenses:
|
90
|
+
- MIT
|
90
91
|
post_install_message:
|
91
92
|
rdoc_options: []
|
92
93
|
require_paths:
|
@@ -96,10 +97,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
96
97
|
requirements:
|
97
98
|
- - ! '>='
|
98
99
|
- !ruby/object:Gem::Version
|
99
|
-
version:
|
100
|
-
segments:
|
101
|
-
- 0
|
102
|
-
hash: 1106683263290744133
|
100
|
+
version: 1.9.0
|
103
101
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
104
102
|
none: false
|
105
103
|
requirements:
|
metadata.gz.sig
CHANGED
Binary file
|