On 19 April 2012 19:07, Strake <strake888_AT_gmail.com> wrote:
> On 19/04/2012, Ivan Kanakarakis <ivan.kanak_AT_gmail.com> wrote:
> > because ii takes as an argument
> > the password/-k,
> > the password is exposed to anyone that can see what processes are running
> > (top/htop).
> >
> > As no process can hide its arguments, how should one go around this ?
> >
> > - reading the passwd from a file (overkill ?)
>
> Why overkill?
>
> $ ii -k `{cat pwf}
>
>
that would still expand to your password before being executed
so the end process line would still include the password
I was thinking in having -k with no argument to go search for a file
like oftc.passwd and grab the password from there.
that is modifying the ii source and how -k is handled.
that way the password will not be seen when examining the processes,
and oftc.passwd would probably be readonly only by the owner.
> Mind, the password is sent in the clear, so anyone on the same network
> segment, or otherwise in the way, can read it anyhow.
>
>
true, does the ssl patch provide any encryption for that ?
--
*Ivan c00kiemon5ter V Kanakarakis *
Received on Thu Apr 19 2012 - 18:24:21 CEST