wget: Security Considerations
1
1 9.2 Security Considerations
1 ===========================
1
1 When using Wget, you must be aware that it sends unencrypted passwords
1 through the network, which may present a security problem. Here are the
1 main issues, and some solutions.
1
1 1. The passwords on the command line are visible using ‘ps’. The best
1 way around it is to use ‘wget -i -’ and feed the URLs to Wget’s
1 standard input, each on a separate line, terminated by ‘C-d’.
1 Another workaround is to use ‘.netrc’ to store passwords; however,
1 storing unencrypted passwords is also considered a security risk.
1
1 2. Using the insecure “basic” authentication scheme, unencrypted
1 passwords are transmitted through the network routers and gateways.
1
1 3. The FTP passwords are also in no way encrypted. There is no good
1 solution for this at the moment.
1
1 4. Although the “normal” output of Wget tries to hide the passwords,
1 debugging logs show them, in all forms. This problem is avoided by
1 being careful when you send debug logs (yes, even when you send
1 them to me).
1