Re: hide the commabd executed from ps,who
On Tue, 16 May 2000 11:56:07 PDT, "Sean 'Shaleh' Perry" writes:
>On 16-May-2000 50191914@uxmail.cityu.edu.hk wrote:
>> How can I hide the commond I am executing so that people can't see
>> it from ps,or who?For example,if i use mysql by typing mysql -u myname -p
>> passsword ..people can see my password...So it would be good if I can
>> hide what i am doing from other user...espcially for some program which
>> I can specify my password in command line...
>
>don't put your password on the commandline. Even if ps does not show it, it
>will appear in /proc.
So the real question is: how can you manage so that not everything in /proc
is world-readable (is that´s possible by design)?
[waldner:~] ls -al /proc/
dr-xr-xr-x 3 root root 0 May 16 21:05 1
dr-xr-xr-x 3 root root 0 May 16 21:05 16
dr-xr-xr-x 3 waldner users 0 May 16 21:10 1779
...
[waldner:~] ls -la /proc/1/
dr-xr-xr-x 3 root root 0 May 16 21:05 .
dr-xr-xr-x 5 root root 0 May 16 20:10 ..
-r--r--r-- 1 root root 0 May 16 21:11 cmdline
...
Does really every process have to know about each others commandline?
I would´ve imagined that the perms in /proc would depend on the perms
of the executed program, but:
[waldner:~] ls -la setiathome
-rwx------ 1 waldner waldner 328608 Jan 23 20:31 setiathome
[waldner:~] pidof ./setiathome
1909
[root:~] su - tina
$ ls -la /proc/1909/
dr-xr-xr-x 3 waldner users 0 May 16 21:18 .
dr-xr-xr-x 5 root root 0 May 16 20:10 ..
-r--r--r-- 1 waldner users 0 May 16 21:18 cmdline
...
$ cat !$cmdline
cat /proc/1909/cmdline
./setiathome-nice19
Or is there an error in my logic?
(I think I´m gonna be more careful now when running something on
servers with lots o´ accounts...)
&rw
--
/ Robert Waldner <Waldner@KPNQwest.at> | Phone: +43 1 89933 0 Fax x533 \
\ KPNQwest/AT tech staff | Diefenbachg. 35 A-1150 Wien /
Reply to: