diff options
author | Sean Whitton <spwhitton@spwhitton.name> | 2021-02-23 17:55:36 -0700 |
---|---|---|
committer | Sean Whitton <spwhitton@spwhitton.name> | 2021-02-23 17:55:36 -0700 |
commit | f789ae57f132fb46fd26adcc920ef0110322c0f9 (patch) | |
tree | e99f3e1199bc1867d89d6a7aeb46b375a11a2b1a | |
parent | 36e6e1917b5ba4dc63eb52fe667db87d37fd601e (diff) | |
download | consfigurator-f789ae57f132fb46fd26adcc920ef0110322c0f9.tar.gz |
add TODO regarding :PASSWD & :NOPASSWD
Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
-rw-r--r-- | src/connection/sudo.lisp | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/src/connection/sudo.lisp b/src/connection/sudo.lisp index 551741f..0674fac 100644 --- a/src/connection/sudo.lisp +++ b/src/connection/sudo.lisp @@ -37,6 +37,14 @@ ;; which runs the remote Lisp image. At least :debian-sbcl avoids this by ;; sending your password in on stdin. +;; TODO Let's require the user pass :PASSWD or :NOPASSWD to indicate whether +;; we'll query prerequisite data sources and always try to send a password on +;; stdin, or never try to send one (and default to :NOPASSWD). Will still +;; require an :AS parameter, which is redundant in a sense, but this way +;; avoids it being implicit that we're always going to be sending a password +;; on stdin, which latter has security implications (e.g. if a password is not +;; actually required then the password is going into random processes). + (defmethod preprocess-connection-args ((type (eql :sudo)) &key as (to "root")) (list :sudo :user to |