Passwords in cron scripts

David Wahler dwahler at gmail.com
Sat Dec 24 18:17:50 CET 2005


Mark Carter wrote:
> I have some python scripts that run as cron jobs. They connect to
> external resources (like a newsserver) - for which passwords are
> required. I currently have them stored in the scripts themselves (ouch!)
> - and was wondering if there was a more secure solution.

Any form of authentication requires some kind of secret data that
uniquely identifies the party in question -- in this case, the password
identifies your script. To run on behalf of you, the Python interpreter
must be able to have that password. Short of a full-blown Trusted
Computing system, it's impossible for that data to be stored in a form
which Python can use but nobody else can. I'm afraid you just have to
rely on the security of your operating system.

-- David




More information about the Python-list mailing list