[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV Getting proxies to work

From: Foteos Macrides
Subject: Re: LYNX-DEV Getting proxies to work
Date: Fri, 16 May 1997 12:16:58 -0500 (EST)

address@hidden (Alex Lyons A32/373-Winfrith Tel2368 FAX2508) wrote:
>> > One final (I hope!) point:  having got proxy authorisation to work
>> > alongside access authorisation, I suppose there ought to be an extra
>> > argument to the lynx command of the form "-pauth=id:pw".
>> I'll merely suggest that this is a BAD IDEA(tm).
>> The reason:  in the case of UNIX, it exposes the "id" *and* the "password" 
>> to anyone on the local machine, who can run 'ps'.
>I agree, but it appears to be the only way at present to use lynx to access
>protected documents non-interactively.  A more elegant solution would be to
>provide an option to dump/load the authorisation data structures (hostname,
>realm, uid, password, URL-mask), effectively allowing lynx to "remember" this
>information between sessions.  This would, of course, require a file with
>suitable permissions (ie none, except to the owner), probably in the user's
>home directory (did anyone say ".lynxrc"?).  A stop-gap solution would be to
>get lynx to modify its arglist to hide the sensitive argument(s), but maybe
>this can't be done on all platforms?

        Note that you did not keep distinct whether the call for a
username and password was being done for proxy authorization versus
WWW authorization, and I didn't bother expanding it to do that.

        If you use -auth=username:password on the command line, what you
entered is freed from the command line args as soon as Lynx saves it in a
temporary buffer, then, the assumption is that an authorization request
will be invoked before accessing the startfile.  What you entered is
encoded and used for that, and freed from the temporary buffer.  So
as soon as possible you have the situation that would have applied if
you had let yourself be prompted interactively.

        If you need authorization to start up via a proxy, then what
you entered as the value for -auth will be used for that, and then,
that's that.  If you also need WWW authorization, beyond the proxy,
what you entered as the value of -auth is gone, itself, and its
representation has been assigned to the realm for the proxy. 


 Foteos Macrides            Worcester Foundation for Biomedical Research
 address@hidden         222 Maple Avenue, Shrewsbury, MA 01545
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]