Re: [dev] [ii] exposed password on process monitoring

From: Calvin Morrison <mutantturkey_AT_gmail.com>
Date: Fri, 15 Jun 2012 17:28:14 -0400

Why not just pass the argument from a file?

Exec --flag `cat password-file`

Sorry for top posting
On Jun 14, 2012 10:41 PM, "Andrew Hills" <hills.as_AT_gmail.com> wrote:

> If you don't want the password argument to appear in ps/top listings,
> you can write over argv like curl does (see references to
> cleanarg(char*) in src/tool_getparam.c and the function definition in
> tool_paramhlp.c:133, at least in curl-7.26.0). I'm pretty sure that
> writable argv is guaranteed by C89, although that doesn't really mean
> anything in practice... but it works on Linux.
>
> --Andrew Hills
>
>
Received on Fri Jun 15 2012 - 23:28:14 CEST

This archive was generated by hypermail 2.3.0 : Fri Jun 15 2012 - 23:36:04 CEST