Re: [dev] [ii] exposed password on process monitoring

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Strake <strake888_AT_gmail.com>
Date: Thu, 19 Apr 2012 11:07:43 -0500

On 19/04/2012, Ivan Kanakarakis <ivan.kanak_AT_gmail.com> wrote:
> because ii takes as an argument
> the password/-k,
> the password is exposed to anyone that can see what processes are running
> (top/htop).
>
> As no process can hide its arguments, how should one go around this ?
>
> - reading the passwd from a file (overkill ?)

Why overkill?

$ ii -k `{cat pwf}

Mind, the password is sent in the clear, so anyone on the same network
segment, or otherwise in the way, can read it anyhow.
Received on Thu Apr 19 2012 - 18:07:43 CEST

This archive was generated by hypermail 2.3.0 : Thu Apr 19 2012 - 18:12:04 CEST