cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: SSL Key password from environment variable and not from the command line

From: Dan Fandrich <dan_at_coneharvesters.com>
Date: Thu, 12 Jan 2006 10:58:54 -0800

On Wed, Jan 11, 2006 at 02:38:09PM +0100, Juergen Brauckmann wrote:
> I developed the patch because I want to use curl in a batch context and
> did not want to pass the passphrase on the command line: I assumed that
> the passphrase would be visible via e.g. "ps".

Don't assume that passing data in an environment variable is always secure.
There are platforms where they are be visible to another user (e.g. Solaris).

>>> Dan

-- 
http://www.MoveAnnouncer.com              The web change of address service
          Let webmasters know that your web site has moved

Received on 2006-01-12

This message: [ Message body ]
Next message: Juergen Brauckmann: "Re: SSL Key password from environment variable and not from the command line"
Previous message: Daniel Stenberg: "Re: SSL Key password from environment variable and not from the command line"
In reply to: Juergen Brauckmann: "SSL Key password from environment variable and not from the command line"
Next in thread: Juergen Brauckmann: "Re: SSL Key password from environment variable and not from the command line"
Reply: Juergen Brauckmann: "Re: SSL Key password from environment variable and not from the command line"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]