On Apr 24, 2010, at 3:26 AM, Christian Kauhaus wrote: > Am 24.04.2010 01:02, schrieb Douglas Garstang: >> I need to pass sensitive options, ie passwords, on the command line, >> and don't want them to appear in log files. > > I think doing so is generally a bad idea. Command line arguments are > world-readable from the process list. Better put the sensitive parameters > into a config file with reasonable permissions. > > Christian >
To expand on this, most command-line programs that take sensitive parameters will also take a file with the parameters so you don't have to expose them to the world. -- You received this message because you are subscribed to the Google Groups "Puppet Users" group. To post to this group, send email to puppet-us...@googlegroups.com. To unsubscribe from this group, send email to puppet-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/puppet-users?hl=en.
