We use the command line interface (CLI) a lot, but the authentication creates a big security hole.
hole 1) CLI requires the user's password for each command.
To write a script, many people embed their passwords in the script. (Really bad).
Better is to put the password in a file readable only by the user, but this is still a cleartext password.
hole 2) CLI requires the users's password to be passed on the command line, where anyone can see it with ps(1)
I think (2) is a defect in CLI.
Does anyone have a better solution than a cleartext file for part (1) ?
Thanks.
Join us June 26, 11am PT for a webinar with Atlassian Champion Robert Hean & Loom’s Brittany Soinski. Hear tips, stories, and get your burning questions answered. Learn how Loom makes training and enablement easier. Don’t miss it!
Register todayOnline forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.