cURL / Mailing Lists / curl-users / Single Mail


Re: SSL Key password from environment variable and not from the command line

From: Dan Fandrich <>
Date: Thu, 12 Jan 2006 10:58:54 -0800

On Wed, Jan 11, 2006 at 02:38:09PM +0100, Juergen Brauckmann wrote:
> I developed the patch because I want to use curl in a batch context and
> did not want to pass the passphrase on the command line: I assumed that
> the passphrase would be visible via e.g. "ps".

Don't assume that passing data in an environment variable is always secure.
There are platforms where they are be visible to another user (e.g. Solaris).

>>> Dan

--              The web change of address service
          Let webmasters know that your web site has moved
Received on 2006-01-12