[cap-talk] Don't put capabilities in argv?
daw at cs.berkeley.edu
Sat Jul 12 17:43:45 CDT 2008
Kevin Reid writes:
In article <261C264E-31CF-4980-9EEA-22A046FBF59F at mac.com> you write:
>AFAIK, typical unix systems reveal command-line arguments of all
>processes to all users. [..] Are there ways to eliminate the problem?
Yes. Overwrite your own argv to hide the command-line arguments.
You'll want to overwrite environ, too. (Of course, this leaves open a
hopefully short time window before you manage to overwrite argv, during
which command-line arguments are still visible to someone who looks at
just the right time.)
I know, it's a bit of a hack. But anything that involves interfacing
the Unix command-line interface with a capability system is likely to
require kludgy stuff, because the Unix command-line interface is just
not a object capability interface.
More information about the cap-talk