[Cc: Vitaly] On Tue, 2021-08-10 at 09:45 -0400, Stefan Berger wrote: > From: Stefan Berger <stefanb@xxxxxxxxxxxxx> > > If the user did not use the --pass option to provide a key password, > get the key password from the EVMCTL_KEY_PASSWORD environment variable. > > Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx> Thanks, Stefan. Vitaly, I'm not sure that there's any benefit of using secure heap for a password stored as an environment variable, but it needs to at least be documented. thanks, Mimi
