On Mon, 2 Jul 2012 16:48:19 -0400, grarpamp wrote: > Isn't it possible for the program to rewrite its > own argv0 and/or parameters that would show > up in ps/proc/etc when accessed by other uid's? > But that may be subject to determination by race.
Yes, this is possible to some extent, but I'm not sure if we can really remove all traces of the original command line from the system records, and as you said there will be a race condition. There was a --password option originally but it was removed in version 0.5 (ca. 2003) for these reasons. > So also, examine the -h and -H options used in pw here: > http://svnweb.freebsd.org/base/releng/9.0/usr.sbin/pw/ As far as I can see, you can do the same with the --passwordeval option. -H/-h directly get the file descriptor of the pipe whereas --passwordeval creates a pipe to read the output of the given command. Martin ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ msmtp-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/msmtp-users
