[Python-Dev] [OT] Re: getpass and stdin
Shaya Potter
spotter at cs.columbia.edu
Tue Feb 26 21:42:38 CET 2008
Leif Walsh wrote:
> On Tue, Feb 26, 2008 at 2:14 PM, Shaya Potter <spotter at cs.columbia.edu> wrote:
>> 1) I am willing to type in the password, which is obvious to anyone who
>> can read a simple script. That just doesn't work for a program you want
>> to run in the background to type it in every time.
>
> I recommend you just hack on this getmail program and give it a daemon
> mode. That shouldn't be too large of a task, and it will certainly be
> more secure (and you can even commit your changes as a new feature!).
> Otherwise, your best bet is probably, as Charles said, making the
> passfile work for you (maybe play with nfs and see if you can get it
> to hide things...I'm no wizard with it, but I'm willing to bet it's
> possible).
I don't disagree (though nfs will never work, think root exploit on
another machine, squash_root doesn't help). I wasn't posting here about
how to change getmail (I can make those changes easily), the issue was
simply understanding python's getpass(). Which you answered my question
on, so thank you.
More information about the Python-Dev
mailing list