|
|
BugTraq
ps information leak in FreeBSD Jan 05 2003 08:46PM Cache (cache sowatech com pl) (2 replies) Re: ps information leak in FreeBSD Jan 07 2003 09:18AM Jez Hancock (jez hancock munk nu) (2 replies) Re: ps information leak in FreeBSD Jan 07 2003 05:48PM Crist J. Clark (crist clark attbi com) (1 replies) |
|
Privacy Statement |
> Crist J. Clark wrote:
> >Any program that asks for a password on the command line should have
> >the common decency to overwrite/obfuscate it, along the lines of,
> > case 'p':
> > passwd = optarg;
> > optarg = "********";
> > break;
This code is incorrect, it destroys a temporary pointer that will be
overwritten with the next call to getopt(). For the sake of
completeness, it should be noted that to actually destroy the command
line argument data, one should do something along the lines of:
case 'p':
passwd = strdup(optarg); /* now requires free()ing. */
{
int len = strlen(optarg), i;
for (i = 0; i != len; ++i)
optarg[i] = 0;
}
> That works only for OSs which support argv clobbering - it is by no
> means portable and shouldn't be depended on for security.
This is still correct though. :). Any passwords passed on the command
line are available through a race anyway. Just don't do it(tm).
David.
[ reply ]