24 Jan
2002
24 Jan
'02
9:25 a.m.
Mike Renfro wrote:
Assuming the server has non-administrative users with login priveleges, if they run 'ps auxwww' at just the right time, they've captured all your command line arguments to wget... including your Zope administrative username and password. Python product installation doesn't carry that particular risk.
One way to eliminate that possibility would be to use a browser other than wget, something that can prompt for the administrative username and password when needed, or read them from a protected file.
Ahh, this I forgot, this is indeed a problem. Thanks. cheers, oliver