[cap-talk] Don't put capabilities in argv?

David Wagner daw at cs.berkeley.edu
Sat Jul 12 17:43:45 CDT 2008


Kevin Reid writes:
In article <261C264E-31CF-4980-9EEA-22A046FBF59F at mac.com> you write:
>AFAIK, typical unix systems reveal command-line arguments of all  
>processes to all users. [..] Are there ways to eliminate the problem?

Yes.  Overwrite your own argv to hide the command-line arguments.
You'll want to overwrite environ, too.  (Of course, this leaves open a
hopefully short time window before you manage to overwrite argv, during
which command-line arguments are still visible to someone who looks at
just the right time.)

I know, it's a bit of a hack.  But anything that involves interfacing
the Unix command-line interface with a capability system is likely to
require kludgy stuff, because the Unix command-line interface is just
not a object capability interface.


More information about the cap-talk mailing list