On Tue, 21 Jun 2016 22:16:38 +0800 Hoping White <baihaop...@gmail.com> wrote:
> I wonder is there a way to hide command line arguments from > programs like “ps”? I can rewrite argv parameter for main in c > language, or use LD_PRELOAD to intercept libc_start_main, but all > these methods do not be functional in go. Thanks. What problem are you trying to solve? It smells like you're passing some security-sensitive data to your program. If yes, do not do that: pass it via stdin via any protocol agreed-upon by both parties (a single LF-terminated UTF-8-encoded string could be OK). If you need to use stdin to pass some other data, create a socket pair (man 2 socketpair) in your host program, mark its read end as exported on fork (or, alternatively, mark its write end as not exported on fork -- this really depends on what language/runtime the host is written in) -- to make the read end's file descriptor inherited by your Go process, and pass the number of that file descriptor on the command-line to the Go process. It will then convert it to a proper socket value and read your security-sensitive data from there. (That's what GPG does, for instance). If you need more details, ask away. Otherwise, try looking at prctl(2) and its PR_SET_NAME. Not sure if it works on all POSIX kernels as this call is not defined by POSIX. In any case, I should stress that any attempt of re-writing command-line options as seen by `ps` for security is solving the problem asswards. -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
