Investigating use of the Webfaction API, I was stunned to see that it requires storing the control panel password in clear text. I've read a few justifications as to why this would be OK, e.g. that the entire server would have had to be compromised. Who's to say a future exploit through one unpatched web app wouldn't allow someone to read your cron table or home directory?
Could Webfaction instead look into making the API more secure by implementing a way to generate application keys for use with the API? Google does something similar. A long lived key can be generated that can be passed to the login method instead of username and password.
Additionally, each key could be locked down to access only a subset of the API functionality. Even if a key to (say) update certificates was compromised, it couldn't be used to delete apps or create additional users.
asked 10 Jan, 02:38
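The scoped-key scheme proposed above, sketched as an added example that is not Webfaction's API or code: a key is issued with a fixed set of permitted methods, only a hash of its secret is stored server side (so a leaked database does not yield usable keys), and every call is checked against the key's scope before the method runs. The method names and the in-memory store are assumptions standing in for a real API and database.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Hypothetical method names modelled on the operations the post mentions
# (certificate update, app deletion, user creation); not Webfaction's real API.
ALL_METHODS = frozenset({"update_certificate", "delete_app", "create_user", "list_apps"})


@dataclass
class KeyRecord:
    key_hash: bytes        # SHA-256 of the secret part; the secret itself is never stored
    scopes: frozenset      # methods this key may call


class ApiKeyStore:
    """In-memory stand-in for a database table of issued API keys (assumption)."""

    def __init__(self):
        self._records = {}  # key_id -> KeyRecord

    def issue_key(self, scopes):
        """Create a long-lived key limited to the given methods; return it once."""
        unknown = set(scopes) - ALL_METHODS
        if unknown:
            raise ValueError(f"unknown scopes: {sorted(unknown)}")
        key_id = secrets.token_hex(8)          # public identifier, used for lookup
        secret = secrets.token_urlsafe(32)     # high-entropy secret part
        self._records[key_id] = KeyRecord(
            key_hash=hashlib.sha256(secret.encode()).digest(),
            scopes=frozenset(scopes),
        )
        return f"{key_id}.{secret}"

    @staticmethod
    def _split(api_key):
        key_id, sep, secret = api_key.partition(".")
        return (key_id, secret) if sep else (None, None)

    def authorize(self, api_key, method):
        """True only if the key is valid and its scope includes `method`."""
        key_id, secret = self._split(api_key)
        record = self._records.get(key_id)
        if record is None:
            return False
        presented = hashlib.sha256(secret.encode()).digest()
        # constant-time comparison avoids leaking hash bytes via timing
        if not hmac.compare_digest(presented, record.key_hash):
            return False
        return method in record.scopes

    def revoke(self, api_key):
        """Revoke a single key without touching the account password or other keys."""
        key_id, _ = self._split(api_key)
        return self._records.pop(key_id, None) is not None


if __name__ == "__main__":
    store = ApiKeyStore()
    cert_key = store.issue_key(["update_certificate"])     # narrowly scoped key for a cron job
    print(store.authorize(cert_key, "update_certificate"))  # True
    print(store.authorize(cert_key, "delete_app"))          # False: outside the key's scope
```

Because the cron job only ever holds `cert_key`, compromise of that machine exposes a key that can renew certificates and nothing else, and the key can be revoked on its own rather than by rotating the control panel password.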