Hiding stuff like passwords in source?
Donn Cave
donn at drizzle.com
Sat Dec 8 23:23:02 EST 2001
Quoth "nobody" <root@[127.0.0.1]>:
| Keep your passwords in environment variables (if your OS doesn't support
| them, or can't protect them from prying eyes, kill yourself immediately :).
Can't protect them from prying eyes covers a lot of UNIX platforms.
It's more like "don't" than "can't" - enviroment variables just aren't
subject to any kind of access control, and if you think "well, they
should be!", I suppose next you won't want us to be able to see your
commands and parameters, etc.
Systems like Kerberos, ssh, etc. use the filesystem for storage with
access control.
Donn Cave, donn at drizzle.com
More information about the Python-list
mailing list