Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This is powerful stuff, but I can't help feeling like it's adding unnecessary bloat to an already-enormously complicated command. What is the advantage of:

    curl --variable "pwd@secret;[0-31]" \
        --expand-user daniel:{{pwd}} \
        https://example.com/
over, e.g.

    curl --user daniel:`command-to-fetch-password` \
        https://example.com/
? That command may be as simple as an existing one, like cut.


The latter one shows your password in the process listing.


`mount /proc -o hidepid=1` recommended :)


First one will show how to get it :D


… which is not accessible to as many users as the process list is.


And can often be passed in bash via a filehandle, without a file.


Not all places you might run curl allow for shell tricks like process substitution or perhaps for subprocesses at all.


The main benefit seems to be context dependent quoting which is tricky to get right and in most cases (like in your example) omitted completely




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: