Re: Ooops!
Re: Ooops!
- Subject: Re: Ooops!
- From: Deivy Petrescu <email@hidden>
- Date: Sun, 02 Nov 2014 10:59:57 -0500
On Nov 1, 2014, at 04:22 , Barry Wainwright <email@hidden> wrote:
>
>> On 1 Nov 2014, at 02:06, Brian Christmas <email@hidden> wrote:
>>
>> set thePassword to text reurned of (display dialog "I need to set 'Application Accessibility' for this application." & return & return & "Please type in your Administrative password." default answer "")
>>
>
> And please, don’t do this!
> Apart from the fact you don’t use the “with hidden answer” option in the display dialog command, the administrator password will be saved in the script in plain text where it can be easily accessed.
>
> If you run a shell script using ‘with administrator privileges’ without supplying the password the system will prompt for a password using a system call, which is much more secure.
>
> --
> Barry
Barry,
you said: " don’t use the “with hidden answer” option in the display dialog command, the administrator password will be saved in the script in plain text where it can be easily accessed. “
You are assuming this. Without seeing the code, you actually don’t know this for a fact.
If the last line of the script is
set thePassword to “”
the password is gone. Also, as I do in many scripts if you encrypt the password, then it will not be available when you look at the script.
It is a good point to raise, but you can not be sure you have this problem if you don’t ask the original scripter.
Deivy Petrescu
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
AppleScript-Users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
Archives: http://lists.apple.com/archives/applescript-users
This email sent to email@hidden
| References: | |
| | >Re: Ooops! (From: Barry Wainwright <email@hidden>) |