
Re: non-interactive user authentication

From: Kevin Pilch-Bisson <kevin_at_pilch-bisson.net>
Date: 2002-10-07 16:27:18 CEST

On Mon, Oct 07, 2002 at 10:24:10PM +0100, Philip Martin wrote:
> Kevin Pilch-Bisson <kevin@pilch-bisson.net> writes:
>
> > On Mon, Oct 07, 2002 at 10:16:40PM +0100, Philip Martin wrote:
> > > Kevin Pilch-Bisson <kevin@pilch-bisson.net> writes:
> > >
> > > > I don't see the problem with either of:
> > > > 1) Never prompt at all
> > >
> > > Allowing people to specify --username/--password is OK, but requiring
> > > them to do it is not acceptable since passing such information via the
> > > command line can be a security risk.
> > >
> > Right, so once their script fails with the empty uname/password, they can set
> > it up to use a cached one.
>
> How do they do that if there is never a prompt? The security risk is
> not just putting the stuff in a script, it's also a risk putting it on
> the process's command line where it is visible to other processes.
>
They run the command manually without (--username and --password) and pass the
info when it prompts then, and let it be stored in the cache. Then they run
the script again, but now they take the --username and --password out.
Problem is, no, if the password gets changed, do they get a prompt?

Hmm, this is tricky.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Kevin Pilch-Bisson                    http://www.pilch-bisson.net
     "Historically speaking, the presences of wheels in Unix
     has never precluded their reinvention." - Larry Wall
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Received on Mon Oct 7 23:28:15 2002
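
The concern raised in the thread, that a password given via --password sits on the process's command line, can be checked for in existing scripts. The following is an added example, not part of the original message and not Subversion code: it audits a script for `svn` invocations that put a password in argv. The sample script, its paths and the `SVN_PW` variable name are constructed for illustration.

```python
import shlex

# Constructed sample: lines as they might appear in a build or cron script.
SAMPLE_SCRIPT = """\
#!/bin/sh
svn update --username builder --password s3cret /srv/checkout
svn commit -m "nightly" --password=hunter2
svn update /srv/checkout
echo "use --password only for testing"
svn status --password "$SVN_PW"
"""


def audit_script(script_text, tool="svn"):
    """Return (line_number, kind) for every `tool` call that passes --password.

    kind is "literal" when the secret is written in the script itself, and
    "variable" when it is expanded from a shell variable. Both are reported:
    after expansion the value still ends up in the process's argument list,
    where other processes on the host can read it.
    """
    findings = []
    for line_no, line in enumerate(script_text.splitlines(), 1):
        try:
            argv = shlex.split(line, comments=True)
        except ValueError:
            continue  # unbalanced quotes: not a simple one-line command
        if not argv or argv[0] != tool:
            continue  # only look at direct invocations of the tool
        for i, arg in enumerate(argv[1:], 1):
            if arg == "--password" and i + 1 < len(argv):
                value = argv[i + 1]          # form: --password VALUE
            elif arg.startswith("--password="):
                value = arg.split("=", 1)[1]  # form: --password=VALUE
            else:
                continue
            kind = "variable" if value.startswith("$") else "literal"
            findings.append((line_no, kind))
    return findings


if __name__ == "__main__":
    # The secret itself is never printed, only where it was found.
    for line_no, kind in audit_script(SAMPLE_SCRIPT):
        print(f"line {line_no}: password on command line ({kind})")
```
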

This is an archived mail posted to the Subversion Dev mailing list.
