Passwords in cron scripts
Peter Hansen
peter at engcorp.com
Sat Dec 24 08:35:34 EST 2005
Mark Carter wrote:
> I have some python scripts that run as cron jobs. They connect to
> external resources (like a newsserver) - for which passwords are
> required. I currently have them stored in the scripts themselves (ouch!)
> - and was wondering if there was a more secure solution.
Secure from whom? It's likely they are already being sent in clear text
when they are transmitted to the server, so at the very least they are
visible to anyone on that machine or on any other machine on your
network who can run something like tcpdump, and to anyone with access to
any of the machines on any of the other networks which carry traffic
between yours and the ultimate network where the server lives.
That's a lot of people already, without even looking at people with
login access to the machine in question.
-Peter
More information about the Python-list
mailing list