From: Shachar Shemesh (linux-il_at_nonexisting.hamakor.org.il)
Date: Sun 27 Jun 2004 - 10:01:51 IDT
Shaul Karl wrote:
>2.2 When the source for command is under control, what is the best way
> to hide the password while still being able to read it in the
> command line?
>
>
Put the password in a file, and give the file name on the command line.
That is the only way I can think of that has no races.
Of course, anyone with read access to the file can still get the
password, but as you have seen in the other answers, that's the case
anyways.
Then again, if not only the source, but also the design is under your
control, you may be able to do more interesting tricks. Things such as
the ssh public-key authentication. Just remeber, whatever you do that is
automatic, anyone with read access to the same source will still be able
to do. There is no way around that.
-- Shachar Shemesh Lingnu Open Source Consulting ltd. http://www.lingnu.com/ ================================================================= To unsubscribe, send mail to linux-il-request_at_linux.org.il with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail linux-il-request_at_linux.org.il
This archive was generated by hypermail 2.1.7 : Sun 27 Jun 2004 - 10:21:44 IDT