Nov-08-2023, 07:03 AM
(This post was last modified: Nov-08-2023, 01:49 PM by Gribouillis.)
(Nov-07-2023, 10:17 PM)ejwjohn Wrote: i was hoping that somewhere there was a solution that allowed you to store your "secrets" into the secure cloud then use an "import" function that allows you to access the cloud "secrets" to use within the Python script??In the end, if the Python script accesses the secret, it means that it can read the information that gives access to the secret, such as a password or some encryption key, unless it asks the user to interactively enter a password (which of course can be compromised by key loggers).
Among the possible setups, the Python program could read a configuration file containing the location of the secret file, whether it be on the user's file system or in a cloud. It is the user's responsibility to manage the configuration file's permissions and the access to their user account. As @DeaD_EyE says, if a hacker can obtain the same permissions as the Python program, there seems to be no way to prevent it from accessing the secret.