On Sun, Jun 27, 2004 at 10:36:26AM +0300, Noam L. wrote: > A program can cloak its commandline (or even have it cloacked for her) > An example: MySQL's client: > > 6093 pts/76 S 0:00 mysql -uroot -px xxxxxx > . > [EMAIL PROTECTED]:/var/lib/mysql# cat /proc/6093/cmdline > mysql-uroot-pxxxxxxx > > > such program does that by editing its argv.
Quoting http://groups.google.com/groups?hl=en&lr=&ie=UTF-8&selm=3lo0kt%24nih%40newsserver.trl.OZ.AU&rnum=21 Notice that on HP-UX (or any derivative of AT&T UNIX), blanking out argv(1) has no effect. You are still able to see all its arguments. This is due to the way AT&T UNIX implements its process list and the permissions associated with it. Programs are not permitted to modify the process list. Therefore Oracle programs are unable to hide the username and password on AT&T UNIX version of the operating system. All is not lost. It is still possible to hide the arguments from the 'ps' program by left padding the first argument with lots of spaces. Does Linux falls under `any derivative of AT&T UNIX'? Perhaps I should asked whether Linux falls in that category with regard to hidding a password that is given in the command line? -- "If you have an apple and I have an apple and we exchange apples then you and I will still each have one apple. But if you have an idea and I have an idea and we exchange these ideas, then each of us will have two ideas." -- George Bernard Shaw (sent by shaulk @ 013 . net . il) ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
