Is using wput unsecured?
I was mentioning to a colleague to avoid using wput. Isnt it unsecured also into a command line?
Providing your identification in plain text isn't a real good idea (for the reasons explained in the link).
If you want security -- and why wouldn't you want security -- scp is a significantly better way to do so.
Hope this helps some.
He may not be able to use scp, depending on if he is controlling the host he is uploading to but of course point is generally valid. Where possible scp is certainly a much safer plan.
Assuming you have to use ftp at least consider using cURL, since this will hide the password from a ps command run by another user on the same system. IIRC wput will not do this, so a well timed 'ps aux' by someone else on the same system will allow them to snoop the password.
EDIT: Read this for more information on cURL hiding passwords from other users on a system.
|All times are GMT -5. The time now is 11:48 PM.|