blob: b7a4eb0966f5b872619a4ac3159ea96547d05f4f (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
===============================================================================
Important security considerations
===============================================================================
Before using the 'edit' subcommand interactively, it's recommended to set the
SECURE_TMPDIR environment variable to a location that isn't written to disk,
such as a tmpfs mount, ideally using encrypted swap:
https://www.freebsd.org/doc/handbook/swap-encrypting.html
Also keep in mind your editor may create temporary files and backups in other
locations - consider disabling these features for files matching the pattern
lpass.* or within your $SECURE_TMPDIR. For example, with vim:
autocmd BufRead lpass.* setlocal noundofile nowritebackup noswapfile
===============================================================================
Using OpenSSL from ports
===============================================================================
If you're using security/openssl, ensure ftp/curl is configured with the
HEIMDAL_PORT option to avoid linking to two different OpenSSL libraries.
===============================================================================
Other steps
===============================================================================
lpass requires /proc to be mounted for correct operation. To enable it add
the following to /etc/fstab and run 'mount /proc':
proc /proc procfs rw 0 0
|
