If the coder has enough access rights to edit the script, he has access to the credentials needed to access the external pasword storage and/or he can edit the script to expose the pasword.
Write access is not needed, read access is sufficient: Just copy the script, modify the copy, run the copy.
Alexander
--
Today I will gladly share my knowledge and experience, for there are no sweeter words than "I told you so". ;-)
| [reply] |
Reading and local editing is not enough. He must be able to write the edited script on the system where he found it in order to have it run there.
CountZero A program should be light and agile, its subroutines connected like a string of pearls. The spirit and intent of the program should be retained throughout. There should be neither too little or too much, neither needless loops nor useless variables, neither lack of structure nor overwhelming rigidity." - The Tao of Programming, 4.1 - Geoffrey James My blog: Imperial Deltronics
| [reply] |