Cryptkeeper Sets the same password "p" for everything independently of user input

PSA:Never automate security tools through an arbitrary interface. Like STDIN user prompts. Use long form command line arguments, not short arguments (also I wonder if that's why long form arguments exist, 'standardized' key=value where short arguments may change over time, long form tend to stay the same forever)

Oh yeah and testing.... please test things... like a lot...

As a stop gap if you don't want people to use

cmd --username "iamsam" --password "mypass"

From the command line, 'because they might be dumb and it will get stuck in their .bash_history' perhaps a tty check? IF a tool is automating your security tool, you can now interface things reliably. IF someone is piping it, well... that's and edge case I can live with, especially if your tool isn't prone to be useful to piping.

// https://stackoverflow.com/questions/1312922/detect-if-stdin-is-a-terminal-or-pipe
#include <stdio.h>
#include <io.h>
...    
if (isatty(fileno(stdin)))
    printf( "stdin is a terminal\n" );
else
    printf( "stdin is a file or a pipe\n");
/r/netsec Thread Link - bugs.debian.org