The irony of a security improvement which is equally insecure

Occasional Contributor

5 years ago

That's some great news as it will allow the use of non-file based inputs, whichever the source. Thank you very much!

As for the $HOME directory, that's a Linux variable. The mistake is equally present on the documentation page. The Windows equivalent to cd $HOME would in fact be cd %USERPROFILE%.

In order to improve security by preventing command-line logging, there would also need to be an improvement made to op edit item (https://support.1password.com/command-line-reference/#edit-item) as there is currently no other way to edit an existing item other then to hand over a list of assignments.

Personally, I would love to see the addition of --filename <path> with the option to specify stdin in the same way as edit document does (--filename -). This would allow sending the full json of an existing item (either through a permission secured local file or through stdin) without logging any of the changes on the command-line.

Forum Discussion

The irony of a security improvement which is equally insecure

Featured discussions

September at 1Password: Browser versions, enhanced security, and new integrations

Recent discussions

1Password Chrome extension is incorrectly manipulating <code> blocks

SSH Bookmarks - broken on macOS

Unofficial 1Password SDK for Rust

🔊 Securing Cursor agentic development with 1Password Environments

ssh agent and ansible 12 prompting incessantly