Login or Register to Ask a Question and Join Our Community


Programming

Hiding commnd line arguments in ps command on Linux

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Programming Hiding commnd line arguments in ps command on Linux
# 1  
Old 06-05-2014
Hiding commnd line arguments in ps command on Linux
Hi Unix lovers,

I am trying to seek an explanation for a simple looking code - why it works?

I found below program which hide command line argument in ps command.

Code:
#include <string.h>

int main(int argc, char **argv)
{
    // process command line arguments....

    // hide command line arguments
    if (argc > 1) {
        char *arg_end;    
        arg_end = argv[argc-1] + strlen (argv[argc-1]);
        *arg_end = ' ';
    }

    // ...
}

The program can be found at
security - How does ps know to hide passwords? - Unix & Linux Stack Exchange

Can anyone explain why and how this code works? I am finding it hard to understand Smilie.

I ran this program on linux. Not sure if it works on solaris,hp etc..

Thanks in advance,

-Ashish
# 2  
Old 06-05-2014
Generally when I have tried to hide passwords in ps I have either left padded the
command with spaces, which hides the commands or piped the password into
the command such as:

Code:
echo "system/manager" | imp file=...

By piping the password into command the commands won't see the
password, but the program you are running will see the password.
Last edited by radoulov; 06-05-2014 at 10:03 AM..
# 3  
Old 06-05-2014
The answer to how that program work are in the URL you linked.

The called program overwrites it's arguments after making a copy of them. But as one of the other comments adds, there's still a brief period of time when the commands arguments are visible so it's not foolproof.

The only way to make sure information you want to remain private isn't exposed as a command argument is to either encrypt it first, or to have the calling and called program communicate the info some other way. You could use a file, shared memory, IPC, a pipe, etc...
These 2 Users Gave Thanks to cnamejj For This Post:
Perderabo shriashishpatil
# 4  
Old 06-06-2014
Also: Arguments aren't writable on a lot of platforms, there's many places that would just crash.

The better solution would be to not do that in the first place, to transfer passwords via file or pipe. Or just not use them in the first place.
# 5  
Old 06-09-2014
A bit late, but I'll toss it out there anyway:

Some OS's also make a copy of the initial command line arguments. For example, Solaris keeps a copy the first 80 characters of the initial command line arguments. In kernel space.

So even if you can write over the copy of the command line arguments passed into your program, that may not be the only copy.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

command line arguments

hi,,,, I want to create a command prompt, for example "prompt>", so my prompt need to handle commands, for example "prompt>cmd", so i want to know how to get arguments for my own commands cmd, i.e. default argc should contain arguments count and argv should point to the argument vector i.e, for... (2 Replies)
Discussion started by: vins_89
2 Replies

2. UNIX for Dummies Questions & Answers

command line arguments

hi, can someone how to accept command line arguments as a variable using in script? like: ./scriptname arguments by accept arguments, I can use it in my script? thx! (1 Reply)
Discussion started by: ikeQ
1 Replies

3. UNIX for Dummies Questions & Answers

getopts - command line arguments

Hi, I'm having problems with a script where I wanted every single option specified in the command line to have an argument taken with it, but for some reason only d works in the code I will be showing below. For example if I did ./thisfile -a something it would come up with "a chosen with " as... (2 Replies)
Discussion started by: IceX
2 Replies

4. Shell Programming and Scripting

Hiding processes / process arguments

Is there a way of hiding a process, or at the very least, process arguments? I'm writing a hosting panel (PHP), and I need to be able to adduser and do other tasks in which I do not want the arguments shown on the termnial for other users of the system. Thanks (0 Replies)
Discussion started by: jaymac407
0 Replies

5. UNIX for Dummies Questions & Answers

Command line arguments.

I am working on a script wherein i need the user to enter the Build ID for eg:the command line will show enter the build ID Now on entering the build ID it should be assigned to @ARGV. How can this be done.? (1 Reply)
Discussion started by: Varghese
1 Replies

6. Shell Programming and Scripting

Getting error in command line arguments

Hi, When i am running the following script 1.sh (without giving the command line arguments) then i am getting the following error. if then echo "UID and PWD are correct" elif then echo "Either UID or PWD is wrong. Please check your UID and PWD" else echo "UID and PWD can't be blank"... (9 Replies)
Discussion started by: sunitachoudhury
9 Replies

7. Shell Programming and Scripting

command line arguments

-------------------------------------------------------------------------------- I have this while loop and at the end I am trying to get it to tell me the last argument I entered. And with it like this all I get is the sentence with no value for $1. Now I tried moving done after the sentence... (1 Reply)
Discussion started by: skooly5
1 Replies

8. Shell Programming and Scripting

i want to list all command line arguments except

Hi all i want to list out all command line arguments except $1 i have passed to a script. Ex: sh cmdline.sh one two three four five o/p: two three four five (3 Replies)
Discussion started by: naree
3 Replies

9. UNIX for Dummies Questions & Answers

arguments in command line

Hi all, How many arguments can we pass while testing a prgm at command line.. I encountered an issue while passing 10 arguments. For $10 its taking argument passed for $1 followed by 'zero'. can we pass more than 9 arguments /Is there any other way. Thanks, rrs (6 Replies)
Discussion started by: rrs
6 Replies

10. Programming

command line arguments

Hi How to pass multi line text as a command line argument to a program. (i.e) ./a.out hi this is sample 0 file1 where hi this is sample should be stored in argv 0 in argv and so on... (3 Replies)
Discussion started by: bankpro
3 Replies
Login or Register to Ask a Question