Command line API: How to not expose passwords?

#1 Tue, 11/10/2009 - 03:10
bengtan

I'm scripting Virtualmin GPL using the command line API and ran into a security-related issue.

In order to use commands such as create-domain, modify-domain etc., I have to supply passwords on the command line, i.e. virtualmin --pass password.

But ...

Such passwords are transiently available if some other normal shell user happens to run 'ps -ef' at the same time.

So, any thoughts on how I can work around this?

Is there an equivalent of mysql's -p parameter which accepts passwords via stdin?
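
The exposure described in the post above, as an added example that is not part of the original post or of Virtualmin: on Linux, `ps -ef` reads each process's NUL-separated argument list from `/proc/<pid>/cmdline`, so an administrator can audit for secrets passed this way. The flag names other than `--pass`, the function names and the sample buffer are assumptions made for illustration.

```python
import os

# "--pass" is the option quoted in the post; the other names are assumed
# spellings added for illustration.
SECRET_FLAGS = {"--pass", "--password", "--passwd"}

def parse_cmdline(raw):
    """Split a /proc/<pid>/cmdline buffer (NUL-separated argv) into a list."""
    if raw.endswith(b"\0"):
        raw = raw[:-1]
    if not raw:
        return []  # kernel threads and zombies expose an empty cmdline
    return [a.decode("utf-8", "replace") for a in raw.split(b"\0")]

def exposed_secrets(argv):
    """Return (flag, secret_length) per secret found in argv.

    Only the length is reported so the audit output does not leak the
    password a second time.
    """
    hits, i = [], 0
    while i < len(argv):
        flag, sep, value = argv[i].partition("=")
        if flag in SECRET_FLAGS:
            if sep:                      # form: --pass=value
                hits.append((flag, len(value)))
            elif i + 1 < len(argv):      # form: --pass value
                hits.append((flag, len(argv[i + 1])))
                i += 1                   # skip the secret itself
        i += 1
    return hits

def scan_proc(proc_root="/proc"):
    """Yield (pid, program, hits) for each visible process exposing a secret."""
    for entry in os.listdir(proc_root):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, entry, "cmdline"), "rb") as fh:
                argv = parse_cmdline(fh.read())
        except OSError:                  # process exited or access denied
            continue
        hits = exposed_secrets(argv)
        if hits:
            yield int(entry), argv[0], hits

# Constructed sample: the buffer exposed for the kind of call in the post.
SAMPLE = b"virtualmin\0create-domain\0--pass\0s3cret\0"

if __name__ == "__main__" and os.path.isdir("/proc"):
    for pid, prog, hits in scan_proc():
        print(pid, prog, hits)
```

Run as an unprivileged user, the scan shows what any other shell account on the host could see at that moment.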

Tue, 11/10/2009 - 09:08
andreychek

Howdy,

That's a good question, and while I'm not aware of a way to do that now -- I bet Jamie would be happy to either steer you in the right direction, or code up a solution if there isn't one :-)

What I'd recommend is filing a request using the Support link above, saying exactly what you did in your post here, and Jamie will work with you to come up with a good solution.

-Eric

Tue, 11/10/2009 - 20:35
bengtan

Filed a support issue at:

https://www.virtualmin.com/node/12275

Thank you.
