Prefix the 'echo' with a whitespace unless you want your password in the shell history.
Else use dev/stdin al password file and press ^D to end the password. If you dump the process memory the password will still be there. So if the environ is a problem, the process memory it is too. So bear in mind to trash the data where the password is after using it. On Saturday, June 16, 2012 at 4:44 PM, Calvin Morrison wrote: > Ah how silly of me > On Jun 16, 2012 8:06 AM, "Andrew Hills" <hills...@gmail.com > (mailto:hills...@gmail.com)> wrote: > > On Fri, Jun 15, 2012 at 7:14 PM, Calvin Morrison <mutanttur...@gmail.com > > (mailto:mutanttur...@gmail.com)> wrote: > > > On Jun 15, 2012 6:13 PM, "Kurt H Maier" <khm-suckl...@intma.in > > > (mailto:khm-suckl...@intma.in)> wrote: > > >> On Fri, Jun 15, 2012 at 05:28:14PM -0400, Calvin Morrison wrote: > > >> > Why not just pass the argument from a file? > > >> > > > >> > Exec --flag `cat password-file` > > >> hahahah > > > What is so funny? > > > > Try this for me: take the attached file, argv.c, and drop it > > somewhere; find it, run "make argv", and then do something like: > > $ echo secretpassword > passwordfile > > $ ./argv `cat passwordfile` > > Look at the output. If you haven't caught on yet, run ps or top and > > look at the process. Make sense now? > > > > --Andrew Hills
