Date: Tue, 4 Jan 2000 16:29:04 -0800 (PST) From: Kris Kennaway <kris@hub.freebsd.org> To: Dominik Brettnacher <domi@saargate.de> Cc: "sprice@hiwaay.net" <sprice@hiwaay.net>, kbyanc@posi.net, andrews@technologist.com, ports@freebsd.org, drbrain@toxic.magnesium.net Subject: RE: Uptimes project has moved Message-ID: <Pine.BSF.4.21.0001041626290.68003-100000@hub.freebsd.org> In-Reply-To: <Pine.BSF.4.10.10001041126560.18745-100000@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 4 Jan 2000, Dominik Brettnacher wrote: > > One immediate problem I see with either version is that the password is > > out in the open. Hardcoded in the binary you can get it with strings(1). > > On the commandline and you can see it with ps(1). > > The program could call setproctitle(3) in order to avoid this. There is still a race condition here. Reading from private data (e.g. a mode 600 file) is the only way to be safe. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0001041626290.68003-100000>