Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!uwvax!oddjob!hao!ames!ucbcad!ucbvax!hplabs!hpcea!hpfcdc!rml
From: rml@hpfcdc.HP.COM (Bob Lenk)
Newsgroups: comp.unix.questions
Subject: Re: Re: Destroying arguments
Message-ID: <5740008@hpfcdc.HP.COM>
Date: Thu, 28-May-87 20:14:30 EDT
Article-I.D.: hpfcdc.5740008
Posted: Thu May 28 20:14:30 1987
Date-Received: Sun, 31-May-87 19:36:29 EDT
References: <19131@sun.uucp>
Organization: HP Ft. Collins, Co.
Lines: 17

> > Seems like you could reduce (but not eliminate) the window of vulnerability
> > by having the program reexecute itself this way:
> 
>                                               ... However, this still
> relies on having a "ps" that won't divulge more than N characters of
> the argument list.
> 
> There is probably some appropriate value of N for most UNIX
> implementations, but...

If you really want to use this type of an approach, the initial
invocation can pipe() and write the password to the pipe, and the second
(re-exec'd) invocation can read it back.  I suppose this somewhat
increases the window when when first invocation runs.

		Bob Lenk
		{ihnp4, hplabs}!hpfcla!rml