bash shell脚本编程经典实例 (第2版)

by Carl Albing, JP Vossen
January 2021
Intermediate to advanced
581 pages
15h 7m
Chinese
Posts & Telecom Press
Content preview from bash shell脚本编程经典实例 (第2版)
Writing Secure Shell Scripts

14.20 Using Passwords in Scripts

14.20.1 Problem

You need to hardcode a password in a script.
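
14.20.2 Solution

This is obviously a bad idea and should be avoided whenever possible. Unfortunately, sometimes it can't be avoided.

The first way to avoid it is to see whether you can use sudo with NOPASSWD, so that you don't have to hardcode passwords all over the place. That carries risks of its own, but it is worth a try. See Section 14.19 for details.

Another approach is to use SSH together with public keys and restricted commands (see Section 14.21).

If there is no other way around it, the best you can do is put the user ID and password in a separate file that is readable only by the user who needs it, then read that file in with the source command when necessary (see Section 10.3). Of course, this file is left out of version control.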
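
One way to apply the last-resort approach above (a separate credentials file that is checked before it is sourced), as an added example that is not from the book. DB_USER, DB_PASS, both function names and the path in the final comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the book. DB_USER, DB_PASS and both function
# names are made up for illustration.

# Create the file with the umask already tightened, so it is never
# readable by group or other, even briefly.
write_credentials() {   # usage: write_credentials FILE USER PASS
    case $2$3 in
        *\'*) echo "values must not contain a single quote" >&2; return 1 ;;
    esac
    (
        umask 077
        rm -f -- "$1"       # recreate, so an old loose mode is not kept
        printf "DB_USER='%s'\nDB_PASS='%s'\n" "$2" "$3" > "$1"
    )
}

# Source the file only if it is a regular file (not a symlink), owned by
# the current user, with no group/other permission bits set.
load_credentials() {    # usage: load_credentials FILE
    cred_file=$1
    case $cred_file in
        */*) ;;                         # has a slash: "." will not search PATH
        *)   cred_file=./$cred_file ;;
    esac
    if [ -L "$cred_file" ] || [ ! -f "$cred_file" ]; then
        echo "refusing $cred_file: not a regular file" >&2
        return 1
    fi
    if [ ! -O "$cred_file" ]; then
        echo "refusing $cred_file: not owned by the current user" >&2
        return 1
    fi
    # ls -ld prints e.g. "-rw-------"; characters 5-10 are group/other.
    case $(ls -ld -- "$cred_file") in
        -???------*) ;;
        *)  echo "refusing $cred_file: group or other can access it" >&2
            return 1 ;;
    esac
    . "$cred_file"
}

# In a script (hypothetical path): load_credentials "$HOME/.dbcreds" || exit 1
```

In a Git working tree, listing the file's name in .gitignore keeps it from being committed by accident.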
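
14.20.3 Discussion

Using SSH to access data on a remote machine securely is relatively easy (see Sections 14.21 and 15.11). You can even use this method to access other data on the same host, though sudo would probably be much more efficient. But how do you access data in a remote database using SQL commands? In that situation there is basically nothing you can do.

Yes, you might say, what about crypt or some other password hash? The problem is that the secure methods of storing passwords all involve a one-way hash. A password goes in and never comes out. In other words, for a given hash it is theoretically impossible to recover the plain-text password. But the plain-text password is the point: we need it to access the database or whatever else. So secure storage is out.

That leaves only insecure storage, which can be worse than plain text because it creates a false sense of security. If it makes you feel better, and you are sure you will not put any faith in this so-called security, go ahead and use ROT13 or some other ...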

Publisher Resources

ISBN: 9787115553782