Duplicity FTP method does not allow for secure password transmission

When using the duplicity handler there doesn't currently seem to be a way to securely transmit the FTP password from backupninja to duplicity.

This issue also used to exist between duplicity and ncftp (which duplicity uses for FTP transfers) but has been solved since: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=442840

However, it still exists between backupninja and duplicity. According to man(1) duplicity:

       Duplicity can also access a repository via ftp.   If  a  user  name  is
       given,  the  environment variable FTP_PASSWORD is read to determine the
       password:

              FTP_PASSWORD=mypassword;          duplicity           /local/dir
              ftp://user@other.host/some_dir

As such, the backupninja duplicity handler should be able to prefix duplicity invocations with this environment variable. To achieve this, I suggest it should either interpret an generic 'environment = VAR1=foo VAR2=bar' setting or a dedicated 'ftp_password = my secret password' setting, or both, when such are found in a duplicity action configuration.

I added this as a bug rather than a feature request since I think this could be considered a security issue: the FTP transfer functionality is supported but secure transmission of the FTP password is not, so one could argue that this functionality is implemented in an insecure way - unless I missed something.

(from redmine: created on 2010-04-18, closed on 2010-05-06)