On 2003.10.29, Tom Jackson <[EMAIL PROTECTED]> wrote: > This is the perfect place to put sensitive data and pass it to > AOLserver via environment variables.
Please don't say "pass sensitive data via environment variables." On a Linux box, try "ps e" ... $ ps --version procps version 3.1.12 $ ps e | head -2 PID TTY STAT TIME COMMAND 1353 pts/1 S 0:00 /bin/bash STY=1352.ecwav TERM=screen TERMCAP=SC|screen|VT 100/ANSI X3.64 virtual terminal:\??:DO=\E[%dB:LE=\E[%dD:RI=\E[%dC:UP=\E[%dA:bs:bt=\E[Z:\??:cd=\E[J:ce=\E[K:cl=\E[H\E[J:cm=\E[%i%d;%dH:ct=\E[3g:\??:do=^J:nd I truncated the line -- the real output goes on and on, showing the rest of the environment variables. I think this qualifies as being one of the "oldest tricks in the book" for swiping usernames and passwords on a shared-shell host. It's surprising how few people know about this ... resulting in lots of sensitive data in environment variables. > The reason for moving this data out of nsd.tcl is that other users may > need to view the file, but they should not be given access to the the > database passwords. How about putting the sensitive stuff in a seperate .tcl and having nsd.tcl source that in? Have that seperate .tcl file be readable only by root or some other trusted user but not readable to anyone else. Also, if you have database pools with passwords that are sensitive, be very sure to CAREFULLY control who has access to your nscp. Needless to say, if a person has access to your nsd via nscp and knows your db pool name, they can easily get the password. Game over. -- Dossy -- Dossy Shiobara mail: [EMAIL PROTECTED] Panoptic Computer Network web: http://www.panoptic.com/ "He realized the fastest way to change is to laugh at your own folly -- then you can let go and quickly move on." (p. 70) -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
