List:General Discussion« Previous MessageNext Message »
From:Joerg Bruehe Date:August 12 2005 10:38am
Subject:FYI: Background info on "visibility of command line arguments"
View as plain text  

Some days ago, there was a debate on this list about the visibility of 
passwords using "ps" if they were given on the command line.

I have just come across this text. While it talks about the process 
name, the info still applies to command line arguments as well:

| 1.13 How do I change the name of my program (as seen by `ps')?
| On BSDish systems, the ps program actually looks into the address
| space of the running process to find the current argv[], and displays
| that. That enables a program to change its `name' simply by modifying 
| argv[].
| On SysVish systems, the command name and usually the first 80 bytes of
| the parameters are stored in the process' u-area, and so can't be
| directly modified. There may be a system call to change this
| (unlikely), but otherwise the only way is to perform an exec(), or
| write into kernel memory (dangerous, and only possible if running as
| root).
| Some systems (notably Solaris) may have two separate versions of ps,
| one in `/usr/bin/ps' with SysV behaviour, and one in `/usr/ucb/ps'
| with BSD behaviour. On these systems, if you change argv[], then the
| BSD version of ps will reflect the change, and the SysV version won't.
| Check to see if your system has a function setproctitle().

Quote taken from here:

So the client code that overwrites the password argument will be 
executed on all systems, but take effect only on some.


Joerg Bruehe, Senior Production Engineer
FYI: Background info on "visibility of command line arguments"Joerg Bruehe12 Aug
  • Character Set QuestionJames Sherwood12 Aug
    • Re: Character Set QuestionBruce Dembecki14 Aug