Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!husc6!rutgers!ucla-cs!ames!oliveb!sun!gorodish!guy
From: guy%gorodish@Sun.COM (Guy Harris)
Newsgroups: comp.unix.questions
Subject: Re: Destroying arguments
Message-ID: <19609@sun.uucp>
Date: Sun, 24-May-87 01:55:17 EDT
Article-I.D.: sun.19609
Posted: Sun May 24 01:55:17 1987
Date-Received: Sun, 24-May-87 08:44:46 EDT
References: <292@osupyr.UUCP> <239@polyof.UUCP> <485@bene.UUCP> <6723@mimsy.UUCP> <7425@elsie.UUCP>
Sender: news@sun.uucp
Distribution: comp.unix.questions
Lines: 19

> Seems like you could reduce (but not eliminate) the window of vulnerability
> by having the program reexecute itself this way:

Yup - a much better suggestion than the one offered by the guy who
suggested using the repeat key to type lots of letters, or perhaps
writing your own wrapper around a utility putatively provided in
usable form; this one puts the burden on the author of the encryption
program, not its user, which is as it should be.  However, this still
relies on having a "ps" that won't divulge more than N characters of
the argument list.

There is probably some appropriate value of N for most UNIX
implementations, but I don't know that 1) all implementations would
have such a limit or 2) for those implementations that do, that this
value of N would be smaller than NCARGS by a sufficient amount to
include an encryption key.
	Guy Harris
	{ihnp4, decvax, seismo, decwrl, ...}!sun!guy
	guy@sun.com