On Mon, Oct 07, 2002 at 10:24:10PM +0100, Philip Martin wrote:
> Kevin Pilch-Bisson <kevin@pilch-bisson.net> writes:
>
> > On Mon, Oct 07, 2002 at 10:16:40PM +0100, Philip Martin wrote:
> > > Kevin Pilch-Bisson <kevin@pilch-bisson.net> writes:
> > >
> > > > I don't see the problem with either of:
> > > > 1) Never prompt at all
> > >
> > > Allowing people to specify --username/--password is OK, but requiring
> > > them to do it is not acceptable since passing such information via the
> > > command line can be a security risk.
> > >
> > Right, so once their script fails with the empty uname/password, they can set
> > it up to use a cached one.
>
> How do they do that if there is never a prompt? The security risk is
> not just putting the stuff in a script, it's also a risk putting it on
> the process's command line where it is visible to other processes.
>
They run the command manually without (--username and --password) and pass the
info when it prompts then, and let it be stored in the cache. Then they run
the script again, but now they take the --username and --password out.
Problem is, no, if the password gets changed, do they get a prompt?
Hmm this is tricky.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Kevin Pilch-Bisson http://www.pilch-bisson.net
"Historically speaking, the presences of wheels in Unix
has never precluded their reinvention." - Larry Wall
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- application/pgp-signature attachment: stored
Received on Mon Oct 7 23:28:15 2002