[prev in list] [next in list] [prev in thread] [next in thread] 

List:       kde-devel
Subject:    Re: password input, was Re: libg++ and KDE
From:       aleXXX <alexander.neundorf () rz ! tu-ilmenau ! de>
Date:       1998-10-28 21:39:12
[Download RAW message or body]

Alex Zepeda wrote:

> On Wed, 21 Oct 1998, David Faure wrote:
>
> > > On the other hand I took a look at ps (using Qps, really nice
> > > program), and found the process smbclient:
> > > "smbclient //hostname/IPC$ XXXXX -L hostname"
> > > i.e. smbclient overwrote the password in its commandline with "XXXXX".
> > > But the xterm in which I started smbclient still had:
> > > "xterm -e smbclient //hostname/IPC$ my_password -L hostname ".
> > > Is there a way to overwrite the password in the commandline of this
> > > process ? That would be interesting, but I don't know how to do that -
> > > probably OS specific, isn't it ?
>
> Actually in the main function, a simple argv[foo]=bar should do the
> trick, right after the KApp constructor, but before it's run is a good
> places.

I found another way:
I start a xterm, which executes a small wrapper binary.
This binary reads the command, which should be executed from a FIFO
, it gets the name of the FIFO via command line:
xterm -e wrapper /FIFOfilename

directly after having read the command line from the FIFO, the wrapper deletes the
FIFO,
using ps you only see:
xterm -e wrapper /FIFOfilename
wrapper /FIFOfilename
smbclient //hostname/service XXXX -U myusername

Is this secure enough ?

Bye
Alex

[prev in list] [next in list] [prev in thread] [next in thread]