[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

sending password in the command line

Hi Friends,

  I am developing a software to provide access control to users of a
  The gateway has ipchains rules to DENY packets from all
  hosts to the world.

  If the user (a regular user, not root) does:

   $ myprogram enable username password IP

  the program checks the password in a internal database, and enable
  packets from the given IP to the 0/0 world. It also logs user/ip/date.

  if the user does:

   $ myprogram disable username password IP

  it disables the ipchains rules that were enabled before.

  The program seems to be working well.

  Now, here is my question:

    - everybody can capture the passwords with a "ps aux" command, ok?
    - what about doing this to prevent simple ps aux "sniff"

      $ PASS="password" myprogram enable username IP

    then "myprogram" will read the PASS from the environment.
    is there anyway a regular user could capture passwords?

  Thanks in advance,

Reply to: