|
Not really. This is a fundamental problem of automation... if you want your processes to run without interaction, your program must store enough information to authenticate itself. You can try to obfuscate stored passwords although this is usually pretty futile in th case of scripting languages. It will only deter the most clueless attacker.
You could use strong encryption to scramble the stored passwords (perhaps in a separate file from the script, which will be de-crypted only into memory at run time). However, this is flawed if you want a truly automated program because you must provide the password to de-crypt the password file... This might result in a reduction of password entry, but cannot eliminate it.
It is also not as secure as you might think... pages of memory containing the plaintext passwords might be snoopable directly by the root user, who can simply dump memory pages. Perhaps worse memory might be paged to disk, and there your plaintext passwords could stay for a long time. It is often hard to securely delete this sortr of data from disk.
It's not an easy problem to solve. If you find a solution, I would like to know about it!
|
