Hi all,
I'm using ii lately as my irc client (written a simple frontend too -- will
post on another mail)
What I noticed (and is expected) is that because ii takes as an argument
the password/-k,
the password is exposed to anyone that can see what processes are running
(top/htop).
try running ii with -k yourpasswd and see the output of
$ ps -o cmd -C ii
ii -k allyourpasswdarebelongtous ..
As no process can hide its arguments, how should one go around this ?
I guess some possible workarounds would be
- reading the passwd from an environmental var (is that any safer?)
- reading the passwd from a file (overkill ?)
- ?
what do you people think ?
should this be 'fixed' in ii ?
--
*Ivan c00kiemon5ter V Kanakarakis *
Received on Thu Apr 19 2012 - 17:54:29 CEST