Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Implications of setting sensitive data in ENV
Top Forums Shell Programming and Scripting Implications of setting sensitive data in ENV Post 302094360 by Perderabo on Friday 27th of October 2006 02:17:31 AM
Old 10-27-2006
The BSD version of ps has an option to display the environment of the processes it lists. So in general that is not secure. If you must do that, you can limit the window of exposure by putting the data in the environment just before invoking the script. And then in the script, reset the environment as the first operation.

Try to use a pipe instead.

echo $secretstuff | some_script

and in the script do:
read secretstuff
 

10 More Discussions You Might Find Interesting

1. Solaris

setting env

I am trying to set up my compiler, but when I go to look for gcc it not found but I get a message that stayed (/usr/oasys/bin) and when I go into the dir to set my env the following is type cp : cannot creat //pref/.environ: no such file or directory and I input ./setenv PATH=... (3 Replies)
Discussion started by: alsande
3 Replies

2. AIX

edit env. setting

hi eveybody, i m trying to set acl using acledit command in AIX box but wat im gettung is 3002-100 acledit: EDITOR environment variable not set can anyone help me out how 2 set editor.................... thanks in advance (4 Replies)
Discussion started by: rrlog
4 Replies

3. Red Hat

Help with csh env setting in Fedora 8

Hi there, How can I change bash to csh when starting a terminal, and set some aliases for csh? I can't find such files like .cshrc in my home directory. Thanks a lot (1 Reply)
Discussion started by: dustinwang2003
1 Replies

4. UNIX for Dummies Questions & Answers

Setting env variables using script

Hi, I wrote two small scripts to set env variables in a shell. java_env.csh #!/bin/csh -fn setenv JAVA_HOME '/scratch/software/jdk1.5.0_11' setenv PATH $PATH':'$JAVA_HOME'/bin' and run it using csh ./java_env.csh But the env variables are not set. I tried running each line on the... (5 Replies)
Discussion started by: NoviceAmod
5 Replies

5. Shell Programming and Scripting

Setting up env variable in ksh

I am facing a very strange issue. I have script in ksh with #!/bin/ksh as shebang. This script has function which sets the env variable before running other functions of the script. by set_up_env() { CONFIG_FILE="/opt/app/tools/deepmarking/latestVersion/script/UploadEnv" if then ... (7 Replies)
Discussion started by: Tuxidow
7 Replies

6. Shell Programming and Scripting

Setting ENV variables in PERL

I have perl script and in the first line we are invoking .sh script to set ENV variables. e..g eval '. $envfile; exec $PERL -S $0 "$@"' I want to change some of the env variables while the program is running and I am settging it like this .. $ENV{ORACLE_HOME}=trim($oraclehome);... (1 Reply)
Discussion started by: talashil
1 Replies

7. Post Here to Contact Site Administrators and Moderators

Remove post with sensitive data

Hello, Can you please delete or modify a post that contains sensitive data. I can't post full links, here's the end of the link: shell-programming-and-scripting/94965-help-shell-scripting-modify-user-creation-script-oracle-database.html It's got a lot of data that should never be posted on... (2 Replies)
Discussion started by: JonHeller
2 Replies

8. Post Here to Contact Site Administrators and Moderators

Please remove the sensitive data from post

Hi Sir , Please remove the following code from the post https://www.unix.com/unix-for-advanced-and-expert-users/210081-ftp-issue.html thanks Prabhu (7 Replies)
Discussion started by: ptappeta
7 Replies

9. Post Here to Contact Site Administrators and Moderators

Remove sensitive data

Hi Sir, please remove following terms from post as it is sensitive data https://www.unix.com/shell-programming-and-scripting/235655-print-single-line.html ifeeds fidedev ironsides feedmgr thanks a lot prabhu (1 Reply)
Discussion started by: ptappeta
1 Replies

10. Post Here to Contact Site Administrators and Moderators

Please remove sensitive data

Hi Kindly remove the following from the post . These are confidential info posted by mistake https://www.unix.com/shell-programming-and-scripting/201037-perl-while-loop-each.html please remove the comments section which is first 16 lines in the perl script . Also please remove the ... (1 Reply)
Discussion started by: ptappeta
1 Replies

LEARN ABOUT HPUX

secure_sid_scripts

secure_sid_scripts(5)						File Formats Manual					     secure_sid_scripts(5)

NAME

       secure_sid_scripts - controls whether setuid and setgid bits on scripts are honored

VALUES

   Failsafe
   Default
   Allowed values
   Recommended values
DESCRIPTION

       This  tunable  controls	whether and bits on executable scripts have any effect.  Honoring on scripts make a system vulnerable to attack by
       malicious users.

       The default value for this variable is 1, indicating that bits are to be ignored by the execve(2) system call  for  higher  security.   The
       tunable	can  be set to 0 for a compatibility with older releases at the expense of security.  Hewlett-Packard strongly recommends that you
       not change the value of this tunable unless there is an urgent need to do so.

       When a script with bits is executed, the kernel generates the following error message to both the terminal controlling and the system  log.
       (To view the error message, use dmesg(1M) or inspect

   Who is Expected to Change This Tunable?
       Administrator.

   Restrictions on Changing
       Changes to this tunable take effect for new scripts started after the change.

   When Should the Value of This Tunable Be Changed?
       This  tunable  controls	operational  modes  rather  than data structure sizes and limits.  The appropriate setting for a system depends on
       whether you consider security or compatibility to be most important.

       A value of is compatible with previous releases of HP-UX, but it is also less secure.

       A value of provides security against race condition attacks exploiting scripts.

   What Are the Side Effects of Changing the Value
       This tunable controls only executable scripts (not programs) with bit set.  HP-UX does not ship with any such  scripts.	 If  the  customer
       wishes  to use scripts, third party applications such as or can be used.  Alternatively, the shell script can be wrapped in a simple C pro-
       gram that runs the shell script with appropriate permissions:

   What Other Tunable Values Should Be Changed at the Same Time?
       None.

WARNINGS

       None.  All HP-UX kernel tunable parameters are release specific.  This parameter may be removed or  have  its  meaning  changed	in  future
       releases of HP-UX.

       Installation  of  optional  kernel  software, from HP or other vendors, may cause changes to tunable parameter values.  After installation,
       some tunable parameters may no longer be at the default or recommended values.  For information about the effects of installation  on  tun-
       able  values,  consult  the documentation for the kernel software being installed.  For information about optional kernel software that was
       factory installed on your system, see at

FILES

AUTHOR

       was developed by HP.

SEE ALSO

       chmod(1), execve(2), kctune(1M).

							     Tunable Kernel Parameters					     secure_sid_scripts(5)
All times are GMT -4. The time now is 07:15 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy