[ofa-general] Re: [PATCH] saquery: --smkey command line option
Hal Rosenstock
hrosenstock at xsigo.com
Wed May 28 04:06:30 PDT 2008
On Tue, 2008-05-27 at 20:56 +0300, Sasha Khapyorsky wrote:
> On 04:29 Tue 27 May , Hal Rosenstock wrote:
> > On Fri, 2008-05-23 at 05:52 -0700, Hal Rosenstock wrote:
> > > > Following your logic we will need to disable root passwords
> > > > typing too.
> > >
> > > That's taking it too far. Root passwords are at least hidden when
> > > typing.
> >
> > At least hide the key typing from plain sight when typing like su does.
>
> There are lot of tools where password can be specified as clear text in
> command line (wget, smbclient, etc..) - it is an user responsibility to
> keep his sensitive data safe.
Do those tools provide a way to obscure passwords or force the user to
do this in plain sight ? Seems like a user can't do this without support
from the tool. smbclient seems to provide this; I didn't look at wget.
smbclient supports an authorization file which supports this and says:
Make certain that the permissions on the file restrict access
from unwanted users.
As you mentioned before, this is another acceptable approach (and this
also lends itself better to scripting).
-- Hal
> Sasha
More information about the general
mailing list