#7 Please add interactivity

closed
nobody
5
2005-04-23
2003-12-11
Anonymous
No

Please add interactivity to mount.davfs. This is
especially important for digest-authenticated mounts.
Currently, the only way to mount something of this sort
is to add -o username=blah,password=secret to the
command line; it then is visible in a process list. I
suppose that doesn't really impair the security of a
site using HTTP basic authentication (since there isn't
any security to speak of to start with), but digest is
marginally more secure, and it's distressing to be
forced to advertise the username and password this way.

Hmm, I see that it's modified its command line to
obscure the options used. Well, okay. I'd still like
to have an interactive wrapper.

It might be hard to do this, given that some folks will
want a version that can be run from fstab, where this
sort of interactivity would be rotten. Perhaps there
could be a wrapper around mount.davfs, and mount.davfs
could return errors that indicate the sort of failure
that it encountered?

While I'm making requests, perhaps davfs could, instead
of failing when coda isn't available, automatically
attempt to modprobe coda? Or do whatever it is that
various other programs do that causes the kernel module
loader to realize that it ought to autoload coda?

Having carped and whined and complained, let me add
that I'm very, very glad to see this, and congratulate
you on producing it. It's especially nice that you can
create a userspace tool that relies on an existing
kernel module (although I'll be rebuilding kernels on
several machines as a result, in order to make coda
available ...).

Discussion

  • diamondsw
    diamondsw
    2005-04-12

    Logged In: YES
    user_id=1237351

    Let me add another vote for this. I was very dismayed to see davfs did
    not request my password separately as cifs or smb would. I wanted to
    keep my long string to mount my webdav drive as an alias, but I'm sure
    not keeping my password in there as plaintext.

     
  • SungHun Kim
    SungHun Kim
    2005-04-23

    Logged In: YES
    user_id=206854

    Werner Baumann's patch uses a secrets file to read
    password. The version is in the CVS now and will be part of
    next release 0.2.4.

     
  • SungHun Kim
    SungHun Kim
    2005-04-23

    • status: open --> closed