Re: non-interactive user authentication

From: Kevin Pilch-Bisson <kevin_at_pilch-bisson.net>
Date: 2002-10-07 16:18:34 CEST

On Mon, Oct 07, 2002 at 10:16:40PM +0100, Philip Martin wrote:
> Kevin Pilch-Bisson <kevin@pilch-bisson.net> writes:
>
> > I don't see the problem with either of:
> > 1) Never prompt at all
>
> Allowing people to specify --username/--password is OK, but requiring
> them to do it is not acceptable since passing such information via the
> command line can be a security risk.
>
Right, so once their script fails with the empty uname/password, they can set
it up to use a cached one.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Kevin Pilch-Bisson                    http://www.pilch-bisson.net
     "Historically speaking, the presences of wheels in Unix
     has never precluded their reinvention." - Larry Wall
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

application/pgp-signature attachment: stored

Received on Mon Oct 7 23:19:28 2002

This message: [ Message body ]
Next message: Philip Martin: "Re: non-interactive user authentication"
Previous message: Philip Martin: "Re: non-interactive user authentication"
In reply to: Philip Martin: "Re: non-interactive user authentication"
Next in thread: Philip Martin: "Re: non-interactive user authentication"
Reply: Philip Martin: "Re: non-interactive user authentication"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]