Hiding stuff like passwords in source?

Donn Cave donn at drizzle.com
Sat Dec 8 23:23:02 EST 2001

Quoth "nobody" <root@[]>:
| Keep your passwords in environment variables (if your OS doesn't support
| them, or can't protect them from prying eyes, kill yourself immediately :).

Can't protect them from prying eyes covers a lot of UNIX platforms.
It's more like "don't" than "can't" - enviroment variables just aren't
subject to any kind of access control, and if you think "well, they
should be!", I suppose next you won't want us to be able to see your
commands and parameters, etc.

Systems like Kerberos, ssh, etc. use the filesystem for storage with
access control.

	Donn Cave, donn at drizzle.com

More information about the Python-list mailing list