Florian Lindner wrote: > Hello, > given the following situation: > > I have a script which is readable and executable by a user, but not > writable. > The users executes the scripts, it reads in a value and based on this > value it computes a result and stores it in a variable. > Can the user read out the value of this variable?
Yes. > If yes, can he be prevented to do so? Only if the sensitive part of your script runs under different user. See thread about storing passwords in a script: http://groups-beta.google.com/group/comp.lang.python/browse_frm/thread/91e4c114c5114e92 > (It's a ordinary user on a Linux system with access to the python > interpreter.) If there is a will, there is a way :) I used to run a persistant server on Solaris as ordinary user. The trick is to create an entry in crontab that will periodically (every 10 minutes) check if your server is running, if not, start it up. Note however, after that it's not a good idea to keep sensitive files in your home directory (like your tax forms or browsing history), because if you make an error in your server and it will be hacked, then you risk exposing all your files. Serge. -- http://mail.python.org/mailman/listinfo/python-list