The new pass-plugin

Asked by oriolpont on 2016-02-27

Could you please clarify the purpose of the new plugin for "pass"?

At least at first glance, it would look marginally useful (synapse is mainly for launching or opening; passwords rarely fit in this category) at best and a clear potential risk at worst: An easy mistake through the wrong program easily ends with the cleartext password written to disk. Am I missing something?

Question information

Language:
English Edit question
Status:
Solved
For:
Synapse Edit question
Assignee:
Michael Aquilina Edit question
Solved by:
Michael Aquilina
Solved:
2016-03-01
Last query:
2016-03-01
Last reply:
2016-03-01

The idea is to provide an easy solution for copying passwords stored by "pass" to the clipboard.

As you rightly pointed out, synapse is meant to provide an easy and efficient way of launching programs. In the usual scenario when using "pass" you would need to open a terminal, and type `pass -c My/Password/Name` for example to do this. This is cumbersome and requires you to remember the exact path each time (tab completion helps but still requires a lot of effort and doesn't remove the need to open a terminal each time).

In the past I would often find myself using reverse-search in the terminal to access commonly used passwords with a fuzzy search but this assumed you had already used the password before. This is where I got the idea to add a pass plugin to synapse as it felt like the perfect fit.

This plugin allows you to simply partially type the password you wish to copy into your clipboard so that you may immediately paste it where it's needed. I have been personally using it for months now and I can't imagine myself going back on it.

I've created a gif to try demonstrate this:

https://i.imgur.com/pMjck1o.gif

With regards your security concerns, I'm not sure I understand the issue? All the plugin does is provide a quick mechanism to launch the copy operation. All the security that pass provides is all there.

oriolpont (oriolpont) said : #2

Thanks for the detailed answer.

I occasionally end up launching the wrong command in Synapse. If it copies a password to clipboard and I was not expecting that, I may paste it somewhere where it is automatically written to disk in cleartext. That said, I can see that the risk for this is very low: The missing / unexpected action is noticeable and, as your GIF shows, there is usually a notification for the action.

oriolpont (oriolpont) said : #3

Thanks Michael Aquilina, that solved my question.