Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!lll-lcc!ptsfa!ihnp4!ihdev!pdg
From: pdg@ihdev.ATT.COM (P. D. Guthrie)
Newsgroups: net.sources
Subject: Re: Crypt - a suggestion
Message-ID: <1274@ihdev.ATT.COM>
Date: Mon, 9-Mar-87 14:05:47 EST
Article-I.D.: ihdev.1274
Posted: Mon Mar  9 14:05:47 1987
Date-Received: Tue, 10-Mar-87 06:26:54 EST
References: <183@axis.UUCP> <395@cognos.UUCP> <707@runx.ips.oz>
Reply-To: pdg@ihdev.UUCP (55224-P. D. Guthrie)
Organization: American Nasal Amputation Centre
Lines: 15

In article <707@runx.ips.oz> janm@runx.OZ (Jan Mikkelsen) writes:
>The only problem with entering the key on the command line is that it
>can be seen with the 'ps' or the 'w' commands, giving away the key. This
>is mentioned in one of the manuals. Which one escapes me now, however.

Nope, both system V and Bezerkeley versions of crypt immediately
destroy (by writing nulls over the argument) any indication of the arg
(after copying it into another internal buffer).  This way, it is
*not* visible on the command line, unless you hit it at exactly the
right spot.  So it's not too much of a security glitch.  

-- 

Paul Guthrie
ihnp4!ihdev!pdg			This Brain left intentionally blank.