Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!magnus.acs.ohio-state.edu!csn!ccncsu!purdue!haven.umd.edu!udel!princeton!phoenix.Princeton.EDU!subbarao From: subbarao@phoenix.Princeton.EDU (Kartik Subbarao) Newsgroups: comp.unix.wizards Subject: Re: Is it possible to hide process args from 'ps -ef'?? (Recap) Message-ID: Date: 23 Apr 91 13:27:32 GMT References: <1991Apr21.174709.27641@NCoast.ORG> <7326@auspex.auspex.com> <1991Apr23.090439.29024@casbah.acns.nwu.edu> Sender: news@idunno.Princeton.EDU Reply-To: subbarao@phoenix (Kartik Subbarao) Lines: 33 In article <1991Apr23.090439.29024@casbah.acns.nwu.edu> navarra@casbah.acns.nwu.edu (John 'tms' Navarra) writes: > > I have been vaguely following this discussion and this might > sound simple (and of course it might not work) but if you want to hide a > process from ps (like a passwd call) how bout this: > > make a /bin/ps which does the following: > > exec /bin/psfiltered | grep -v passwd Changing a system program is a really Stupid way of solving the problem. First, the person that wants to do this is not necessarily the superuser, or one with kmem access. Secondly, it's really simple to have the program read the "secret" arguments from the tty (maybe even using getpass!), rather than have to have them passed as arguments. Oh, gosh, that takes two more lines of code! I'll die from writing it!! In any event, systems programs should not be changed on simple whims like this. It's important that they be functional as they're expected to. -Kartik -- internet# rm `df | tail +2 | awk '{ printf "%s/quotas\n",$6}'` subbarao@phoenix.Princeton.EDU -| Internet kartik@silvertone.Princeton.EDU (NeXT mail) SUBBARAO@PUCC.BITNET - Bitnet