Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!mnetor!seismo!rutgers!ames!oliveb!sun!gorodish!guy From: guy%gorodish@Sun.COM (Guy Harris) Newsgroups: comp.unix.questions Subject: Re: Destroying arguments Message-ID: <19526@sun.uucp> Date: Fri, 22-May-87 00:38:41 EDT Article-I.D.: sun.19526 Posted: Fri May 22 00:38:41 1987 Date-Received: Sat, 23-May-87 14:27:55 EDT References: <292@osupyr.UUCP> <239@polyof.UUCP> <485@bene.UUCP> <6723@mimsy.UUCP> <1042@hropus.UUCP> Sender: news@sun.uucp Distribution: comp.unix.questions Lines: 35 > b) On a PAGING system ONLY the first 40 bytes of arguments are copied > into the saftey of the user block (ps may not show you much more > than this anyway) so if you want arguments passed to you with some > secrecy just put them futher down the line. Funny, the source we have says 80 bytes.... And as for "put them further down the line", *who* is doing the putting? If a program wants arguments passed to it with some secrecy, it has to politely request that whoever or whatever *invokes* it should ensure that the argument in question appear more than 80 characters into the argument list. A program (or programmer) that made such a request of me would be likely to get a rude gesture in response. The point is that you can't, in general, ensure that arguments passed to a program can't be seen by somebody doing a "ps"; you definitely can't do so on a 3B2 running any reasonably recent version of UNIX for the 3B2. Even on machines where you can smash the argument list, there is a small chance that "ps" will suck up the argument list before the program gets a chance to smash it. In other words, don't put encryption keys on the command line if you can possibly avoid it. (Another question that comes to mind is "why did they waste 80 bytes of U-area space with this stuff?" It's not as if you can't fetch an argument list on a paged machine, and the ability to get the command line used to run a program does not seem to be of sufficient importance that stuffing it in the U page buys you anything. You *still* aren't guaranteed that you can get it, since the process may get swapped in or out between the point at which "ps" gets the process table entry for the process and the point at which it grabs the U area.) Guy Harris {ihnp4, decvax, seismo, decwrl, ...}!sun!guy guy@sun.com