Crypt - a suggestion
Peter Shipley
shipley at miro.Berkeley.EDU
Tue Mar 10 17:50:23 AEST 1987
In article <1274 at ihdev.ATT.COM> pdg at ihdev.UUCP (55224-P. D. Guthrie) writes:
>In article <707 at runx.ips.oz> janm at runx.OZ (Jan Mikkelsen) writes:
>>The only problem with entering the key on the command line is that it
>>can be seen with the 'ps' or the 'w' commands, giving away the key. This
>>is mentioned in one of the manuals. Which one escapes me now, however.
>
>Nope, both system V and Bezerkeley versions of crypt immediately
>destroy (by writing nulls over the argument) any indication of the arg
>(after copying it into another internal buffer). This way, it is
>*not* visible on the command line, unless you hit it at exactly the
>right spot. So it's not too much of a security glitch.
>
What if someone looks in your ".savehist" file?
+-----------------------------------------------------------------------------+
John O'Conner
email: shipley at miro.berkeley.edu Flames: cc-29 at cory.berkeley.edu
ucbvax!miro!shipley ucbvax!cory!cc-29
Spelling Quote: "Then one night I saw the
corections: /dev/null light and now there
is nothing more to see"
+-----------------------------------------------------------------------------+
More information about the Comp.sources.unix
mailing list