Re: hide the commabd executed from ps,who
On Wed, May 17, 2000 at 10:25:19PM -0400, David Z Maze wrote:
> Eric G Miller <egm2@jps.net> writes:
> EGM> On Thu, May 18, 2000 at 12:57:18AM +0800, 50191914@uxmail.cityu.edu.hk wrote:
> >> But for example,what if I want to write a shell script which will login
> >> to the remote server automatically?e.g..for some cgi...etc...
<snip>
> None of the "run a program which runs a program with the password as a
> command-line argument" schemes will work, because the subprogram will
> have the password as a command-line argument. It's worth noting that
> the environment is similarly insecure, since (BSD) ps's "e" switch
> (not the SysV "-e" switch) will display programs' environments.
Isn't this the purpose of ~/.netrc ?
> If what you're trying to do is be lazy and not give your password to
> the mail server when you're incing your POP mail, this is probably a
> Bad Idea (TM), and you probably really want to go ahead and type your
> password. (Though there are other issues with this, most notably
> those involving trust of the mail server and packet sniffers on the
> network.)
Admittedly, using .netrc doesn't solve the problem of sending the
password in clear-text to the POP server (neither does retyping
it on the command-line) but at least it keeps the password from showing
up on the output of a "ps" (at least on my slink system, YMMV).
--
David Karlin
dkarlin@coloradomtn.edu
Powered by Debian GNU/Linux
Reply to: