Re: [dev] [ii] exposed password on process monitoring

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Andrew Hills <hills.as_AT_gmail.com>
Date: Fri, 15 Jun 2012 11:51:27 -0400

On Jun 15, 2012 5:53 AM, "Rob" <robpilling_AT_gmail.com> wrote:
> You can't depend on this - what if another user's process snapshots ii's
> argv array before ii overwrites it?

Fair enough. For me, this risk is low enough that I rely on it at
work. Since the -k <password> option is still in tip, here's a patch
that masks it in argv. (I tried to match the coding style as close as
possible.)

--Andrew Hills

application/octet-stream attachment: ii-mask-key-argv.patch

Received on Fri Jun 15 2012 - 17:51:27 CEST

This archive was generated by hypermail 2.3.0 : Fri Jun 15 2012 - 18:00:09 CEST