• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: protecting passwords in properties
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: protecting passwords in properties

  • Subject: Re: protecting passwords in properties
  • From: Brian Johnson <email@hidden>
  • Date: Thu, 20 Mar 2008 20:13:56 -0700 (PDT)

I'm not totally clear on the trail of storage you are proposing (whether a property every holds the clear-text password), and I'm fuzzy on the syntax (hey, it's the end of the quarter), but it was once true that if you named the property (eg) "password" then

   password of application "compiled_script"

(or something like this) executed in ScriptEditor would return the property value from a compiled script, even if saved as run-only. I've just tried to reinforce my memory with a working example, without luck, but I'll bet it's still true.

  -b.johnson, dept of architecture, university of washington

On Thu, 20 Mar 2008, Vince Angeloni wrote:

I'm sticking to my suspicious scripting questions... ;  )

At any rate, I would like to use to the unix cmd 'shutdown' to bounce my kids off the computer when they exceed their time, and they don't pay attention to the more gentle system event "log out" I use previously to encourage them to get off the computer. To use this, I have to use an applescript 'with administrator privileges', so if I want this script to run on the kids' accounts, I'll need to put my admin account name and password into a property. I understand this is not secure.

I am thinking of leaving the properties empty when I compile and when the script first runs, it will ask for my admin account name and password and then place it into the property, only after having run it through the unix cmd 'openssl' to encrypt it. Thus, the property will only show the encrypted password. The password for the openssl command itself will be derived from an applescript which generates it by picking certain letters from a string of text stored in a temporary variable.

I am assuming that since this is compiled as a run-only application, the admin account password stored as a property will be encrypted and my password for openssl will be hidden in the compiled run-only applescript code. Are there any obvious holes here that I am missing?

TIA

Vince


_______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users

This email sent to email@hidden
References: 
 >protecting passwords in properties (From: Vince Angeloni <email@hidden>)

  • Prev by Date: Re: protecting passwords in properties
  • Next by Date: getting return from apple event
  • Previous by thread: Re: protecting passwords in properties
  • Next by thread: Re: protecting passwords in properties
  • Index(es):
    • Date
    • Thread