Crypt - a suggestion
P. D. Guthrie
pdg at ihdev.ATT.COM
Tue Mar 10 05:05:47 AEST 1987
In article <707 at runx.ips.oz> janm at runx.OZ (Jan Mikkelsen) writes:
>The only problem with entering the key on the command line is that it
>can be seen with the 'ps' or the 'w' commands, giving away the key. This
>is mentioned in one of the manuals. Which one escapes me now, however.
Nope, both system V and Bezerkeley versions of crypt immediately
destroy (by writing nulls over the argument) any indication of the arg
(after copying it into another internal buffer). This way, it is
*not* visible on the command line, unless you hit it at exactly the
right spot. So it's not too much of a security glitch.
--
Paul Guthrie
ihnp4!ihdev!pdg This Brain left intentionally blank.
More information about the Comp.sources.unix
mailing list