Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!ut-sally!husc6!necntc!ames!ucbcad!ucbvax!miro.Berkeley.EDU!shipley
From: shipley@miro.Berkeley.EDU (Peter Shipley)
Newsgroups: net.sources
Subject: Re: Crypt - a suggestion
Message-ID: <17763@ucbvax.BERKELEY.EDU>
Date: Tue, 10-Mar-87 02:50:23 EST
Article-I.D.: ucbvax.17763
Posted: Tue Mar 10 02:50:23 1987
Date-Received: Tue, 10-Mar-87 22:22:49 EST
References: <183@axis.UUCP> <395@cognos.UUCP> <707@runx.ips.oz> <1274@ihdev.ATT.COM>
Sender: usenet@ucbvax.BERKELEY.EDU
Reply-To: shipley@miro.Berkeley.EDU.UUCP (Peter Shipley)
Organization: Society for the Study of Prana-Bindu: Kho'wry Sector 199
Lines: 26

In article <1274@ihdev.ATT.COM> pdg@ihdev.UUCP (55224-P. D. Guthrie) writes:
>In article <707@runx.ips.oz> janm@runx.OZ (Jan Mikkelsen) writes:
>>The only problem with entering the key on the command line is that it
>>can be seen with the 'ps' or the 'w' commands, giving away the key. This
>>is mentioned in one of the manuals. Which one escapes me now, however.
>
>Nope, both system V and Bezerkeley versions of crypt immediately
>destroy (by writing nulls over the argument) any indication of the arg
>(after copying it into another internal buffer).  This way, it is
>*not* visible on the command line, unless you hit it at exactly the
>right spot.  So it's not too much of a security glitch.  
>

What if someone looks in your ".savehist" file?



+-----------------------------------------------------------------------------+
John O'Conner
email:   shipley@miro.berkeley.edu     Flames:  cc-29@cory.berkeley.edu 
         ucbvax!miro!shipley                    ucbvax!cory!cc-29

Spelling                                Quote:  "Then one night I saw the
corections: /dev/null                            light and now there
                                                 is nothing more to see"
+-----------------------------------------------------------------------------+