obfuscate passwords from the command line

[totaam]

Running:

xpra attach ssh://USERNAME:PASSWORD@HOSTNAME/

Shows the password in the process list.
We should detect that a password is present in the sys.args during parsing and flag it so that the clients can then obfuscate it.

[totaam]

This will do.
But don't rely on it

Important caveats for anyone reading this:

• we can't hide the password until we get to the point where we are using the command line arguments, which may several seconds or more after the command is executed - anyone reading the process list during that time will still be able to see the password
• not all commands are being obfuscated - check if the one you are using is one of those