Latest LQ Deal: Linux Power User Bundle
Go Back > Forums > Linux Forums > Linux - General
User Name
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.


  Search this Thread
Old 05-01-2013, 03:34 AM   #1
Registered: Feb 2006
Distribution: FreeBSD, Linux, Slackware, LFS, Gparted
Posts: 654

Rep: Reputation: 136Reputation: 136
Is using wput unsecured?


I was mentioning to a colleague to avoid using wput. Isnt it unsecured also into a command line?


This is unadvisable for several reasons. The URL being opened may be determinable by other users on the same machine on which you are browsing (as from a command line).
Old 05-01-2013, 05:46 AM   #2
Senior Member
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
Providing your identification in plain text isn't a real good idea (for the reasons explained in the link).

If you want security -- and why wouldn't you want security -- scp is a significantly better way to do so.

Hope this helps some.
Old 05-01-2013, 07:05 AM   #3
Senior Member
Registered: Jan 2011
Location: Oslo, Norway
Distribution: Slackware
Posts: 2,324

Rep: Reputation: 1355Reputation: 1355Reputation: 1355Reputation: 1355Reputation: 1355Reputation: 1355Reputation: 1355Reputation: 1355Reputation: 1355Reputation: 1355
He may not be able to use scp, depending on if he is controlling the host he is uploading to but of course point is generally valid. Where possible scp is certainly a much safer plan.

Assuming you have to use ftp at least consider using cURL, since this will hide the password from a ps command run by another user on the same system. IIRC wput will not do this, so a well timed 'ps aux' by someone else on the same system will allow them to snoop the password.

EDIT: Read this for more information on cURL hiding passwords from other users on a system.

Last edited by ruario; 05-01-2013 at 07:16 AM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Wput script ceantuco Linux - Newbie 8 03-12-2012 09:52 AM
wput not uploading whiteghetto Linux - Software 0 08-22-2008 12:59 PM
wput and anonymous FTP whiteghetto Linux - Software 1 08-19-2008 02:43 PM
vsftpd and wput mnotgninnep Debian 8 03-07-2006 05:06 PM > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 07:49 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration