[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev passing the authentication login/password via a file?
From: |
Doug Kaufman |
Subject: |
Re: lynx-dev passing the authentication login/password via a file? |
Date: |
Thu, 15 Apr 1999 17:50:13 -0700 (PDT) |
On Thu, 15 Apr 1999, Steven Sakata wrote:
> We are using "lynx" on a UNIX box to download files from a secure
> site. We currently pass the login and password using the "-auth"
> argument. It works well. However, my concern is that while it is
> running, any user can do a "ps" and see the login and password in
> clear text. I was wondering if there is a way to have the login and
> password in a file, or set in an environment variable instead of
> having it used on the command line.
I see two solutions to this problem. If you use lynx in interactive
mode, it will ask for the userid and password at the time you try to
download. This information should not be available via "ps". If in
non-interactive mode, I don't think that lynx can do this, but wget
can. Wget can read the userid and password from your .netrc file.
Read the section of the wget info pages on security considerations,
however. Wget is available from any of the usual Gnu archives.
Doug
__
Doug Kaufman
Internet: address@hidden (preferred)
address@hidden