[FFmpeg-user] Parse environment variables in command line

[Илья Мельников]

Hello.

В сообщении от Sunday 19 April 2015 05:03:41 Denis Mysenko duster at mail.ru:
> If you use environment variable (like you proposed) or any shell/UNIX 'hack
> (eg. -i `cat url.txt`), at the moment of execution a plain-text password
> will be inserted anyway. And 'ps' will show what really was launched,
> not the string before parsing.

So I suggest exactly not to show plain-text passwords in command line.
Not to use variable on command line.
Not to use hack -i `cat url.txt`.
But give to ffmpeg variable name, and ffmpeg will parse variable themselves.


Variant 1. Password on command line.
Running:
$ export PASS=secret
$ ffmpeg rtsp://admin:$PASS@192.168.0.100/stream1.sdp
will lead to:
$ ps -f -C ffmpeg
UID        PID  PPID  C STIME TTY          TIME CMD
user    1506  1423 88 07:47 pts/11   00:00:08 ffmpeg 
rtsp://admin:secret@192.168.0.100/stream1.sdp


Variant 2. Variable name on command line (name, but not contents).
Running:
$ export PASS=secret
$ ffmpeg 'rtsp://admin:$PASS@192.168.0.100/stream1.sdp'
will lead to:
$ ps -f -C ffmpeg
UID        PID  PPID  C STIME TTY          TIME CMD
user    1506  1423 88 07:47 pts/11   00:00:08 ffmpeg rtsp://admin:
$PASS at 192.168.0.100/stream1.sdp

In the second variant ffmpeg parameters are quoted and will not be parsed by 
bash.
In the second variant "ps" will not see password.
But in the second variant ffmpeg must parse variables at run time.


--
Ilya Melnikov
Monday 20 April 2015 06:41:40
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <https://ffmpeg.org/pipermail/ffmpeg-user/attachments/20150420/3f84fc4a/attachment.asc>