[Tutor] passwords in scripts
Danny Yoo
dyoo at hkn.eecs.berkeley.edu
Tue Jan 24 01:58:17 CET 2006
Hi Ben,
Jon Libes of the National Institute of Standards and Technology (NIST) has
written a guide on how to handle passwords in backgrounded processes:
http://expect.nist.gov/doc/bgpasswd.pdf
It has more suggestions on how to handle passwords securely. As you might
expect, it doesn't have a single definitive answer to your question
either. There are many ways to handle passwords with varying levels of
convenience and security in mind.
[comments about telnet]
The use of telnet is already problematic in terms of security. Telnet
passwords are sent in the clear.
(So, although this is unrelated to your particular problem, I think you
should encourage your system administrators to look into ssh in the long
term. HP appears to support it:
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA)
> But surely my problem is a very common one. Every web-app must supply a
> username and password to make a connection to its backend database, for
> example.
One approach that's often used in these kinds of applications is to keep a
separate configuration file with those usernames and passwords. Then we
can use the operating system's mechanisms (like file permissions) to keep
that file mostly safe from prying eyes. This is mentioned in the "Handing
Passwords with Security and Reliability in Background Processes" link
above.
One problem, though, is that anyone who has privileges to execute the
password-reading program will probably have the same power to read that
configuration file directly. I can see encrypting the configuration file
as a way of making it a bit more difficult for people to accidently run
across the passwords, and perhaps that's enough security for your
purposes.
Best of wishes!
More information about the Tutor
mailing list