Unless someone posts a better idea, my suggestion would be to pull the critical information out of the script into a configuration file that is read by the script, then set the permissions on the file such that only the user the script is running as can read it (0500 under *nix, for example). You may also wish to store the configuration file in a directory location that is also unavailable to other users.
An alternative might be to encrypt the configuration file, and decrypt it when it is read. This, however, runs into a similar issue as before, with the key having to be accessible to the script, and therefore anyone use who can read it.
Hope that helps, and look forward to seeing the comments and suggestions of others to your query.
|