Re: LYNX-DEV Getting proxies to work


From: Robert Bonomi
Subject: Re: LYNX-DEV Getting proxies to work
Date: Fri, 16 May 1997 12:40:51 -0500 (CDT)

+> > > One final (I hope!) point:  having got proxy authorisation to work
+> > > alongside access authorisation, I suppose there ought to be an extra
+> > > argument to the lynx command of the form "-pauth=id:pw".
+> >
+> > I'll merely suggest that this is a BAD IDEA(tm).
+> > 
+> > The reason:  in the case of UNIX, it exposes the "id" *and* the "password" 
+> > to anyone on the local machine, who can run 'ps'.
+> 
+> I agree, but it appears to be the only way at present to use lynx to access
+> protected documents non-interactively.  A more elegant solution would be to
+> provide an option to dump/load the authorisation data structures (hostname,
+> realm, uid, password, URL-mask), effectively allowing lynx to "remember" this
+> information between sessions.  This would, of course, require a file with
+> suitable permissions (ie none, except to the owner), probably in the user's
+> home directory (did anyone say ".lynxrc"?).  A stop-gap solution would be to
+> get lynx to modify its arglist to hide the sensitive argument(s), but maybe
+> this can't be done on all platforms?
+
+ A slightly more secure method is to store the authorization information in
+ environment variables (for UNIX, djgpp, and Win32, at any rate -- not sure
+ about VMS.) Environment variables are not visible with the `ps' command on
+ most systems. Perhaps LYNXAUTH is a good name?

Environment variables *ARE* available to PS, on _most_ unix systems.   *sigh*
On a BSD-based system, see the '-c' (show _real_ command-line) and '-e' (show
environment) flags.  On SYSV, it -always- does the equivalent of '-c'.  There
is an equivalent to the '-e' flag, too, but I don't remember what it is.

The *only* _approximately_reliable_ secure way to do this is to have the info _in_
_a_file_, and to NOT trust the file, unless it is mode 700, and _owned_ by the
current user.
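
The file check described in the message above, as an added example that is not part of the original post or of Lynx. It assumes a POSIX system; the function names and the /tmp path are hypothetical, and it accepts any mode with no group or other permission bits (mode 700 included).

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not Lynx code: returns a read-only descriptor only for
 * a regular file owned by the current user with no group/other bits, else -1. */
int open_trusted_auth_file(const char *path)
{
    struct stat st;
    /* O_NOFOLLOW refuses a symlink as the final path component. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    /* fstat() the descriptor, not the path: check the file actually opened. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() ||
        (st.st_mode & (S_IRWXG | S_IRWXO)) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed fixture: create a temp file with the given mode and report
 * whether open_trusted_auth_file() accepts it (1) or rejects it (0). */
int accepts_mode(mode_t mode)
{
    char path[] = "/tmp/lynxauth-XXXXXX";   /* constructed sample path */
    int tmp = mkstemp(path), fd;
    if (tmp < 0)
        return -1;
    fchmod(tmp, mode);
    close(tmp);
    fd = open_trusted_auth_file(path);
    if (fd >= 0)
        close(fd);
    unlink(path);
    return fd >= 0;
}

int main(void)
{
    printf("0600:%d 0700:%d 0644:%d 0660:%d\n", accepts_mode(0600),
           accepts_mode(0700), accepts_mode(0644), accepts_mode(0660));
    return 0;
}
```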
