As it happens I have been working on a similar problem myself recently.
The approaches I considered were to pass the password as an environment variable, or to pipe it to the child process on its stdin.
Both are a bit more secure than a plain argument on the command line, but neither is that secure. For example, on Linux you can read the environment variables of any process by reading /proc/<pid>/environ (Try: hexdump /proc/$$/environ -C to read the environment of your shell). Data piped thru stdin on the child is probably a bit more secure, as it is transient, but I dare say there would be a way for an attacker to read it.
The bottom line is that if an attacker already has root on the destination box, and is prepared to put some time into it, he can subvert any security scheme you can come up with, so what you need to do is come up with a threat model and work out what kind of attacker you need to defend against. How clever are they? What privileges do they have on the box?
In reply to Re: Passing a password to another process "safely" in Linux
by chrestomanci
in thread Passing a password to another process "safely" in Linux
by rastoboy
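The three hand-off methods compared in the post above, as an added example that is not part of the original post: a parent starts a child with the password as an argument, as an environment variable, and on stdin, then checks whether the value shows up in the child's /proc/<pid>/environ or /proc/<pid>/cmdline. The variable name DEMO_PASSWORD, the secret value and the helper names are constructed for this illustration; the parent inspects only its own child, as the same user.

```python
import os
import subprocess
import sys

SECRET = "constructed-demo-secret"   # constructed sample value, not a real credential
HAVE_PROC = os.path.isdir(f"/proc/{os.getpid()}")   # Linux procfs available?

# Child: take the password from env, argv or stdin, report only its length,
# then block on stdin so the parent can inspect /proc while the child is alive.
CHILD = (
    "import os, sys\n"
    "pw = os.environ.get('DEMO_PASSWORD') or (sys.argv[1] if len(sys.argv) > 1 "
    "else sys.stdin.readline().rstrip('\\n'))\n"
    "print(len(pw), flush=True)\n"
    "sys.stdin.read()\n"
)

def proc_view(pid):
    """Bytes of /proc/<pid>/environ plus /proc/<pid>/cmdline (empty without procfs)."""
    if not HAVE_PROC:
        return b""
    data = b""
    for name in ("environ", "cmdline"):
        with open(f"/proc/{pid}/{name}", "rb") as fh:
            data += fh.read()
    return data

def run_child(via):
    """Hand SECRET to a child via 'argv', 'env' or 'stdin'.
    Returns (length the child received, secret visible in /proc?)."""
    env = dict(os.environ)
    argv = [sys.executable, "-c", CHILD]
    if via == "env":
        env["DEMO_PASSWORD"] = SECRET
    elif via == "argv":
        argv.append(SECRET)
    with subprocess.Popen(argv, env=env, stdin=subprocess.PIPE,
                          stdout=subprocess.PIPE) as child:
        if via == "stdin":
            child.stdin.write((SECRET + "\n").encode())
            child.stdin.flush()
        received = int(child.stdout.readline().decode())  # child now holds the secret
        visible = SECRET.encode() in proc_view(child.pid)
    return received, visible

def compare():
    return {via: run_child(via) for via in ("argv", "env", "stdin")}

if __name__ == "__main__":
    for via, (received, visible) in compare().items():
        print(f"{via:5s} child got {received} chars, visible in /proc: {visible}")
```

The stdin result covers only those two /proc files; it says nothing about the child's memory or about what a root user can reach.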