[cap-talk] Don't put capabilities in argv?
jas at nagras.com
Sun Jul 13 00:30:05 CDT 2008
On Sat, Jul 12, 2008 at 8:21 PM, Darius Bacon <darius at accesscom.com> wrote:
> Kevin Reid <kpreid at mac.com> wrote:
>> * The simplest safe-by-default mechanism I can think of is to read the
>> capability from a file whose name is passed on the command line.
> How about passing it in the environment?
>
>     arg1=secretpassword dosomething
>
> instead of
>
>     dosomething --arg1 secretpassword
>
> This has at least the flaw that environment variables have dynamic
> scope; but the filesystem is a global scope as well.

Unfortunately a process's environment is just as visible to other
users as the command line arguments.

    rorohiko$ foo=1 yes > /dev/null &
    rorohiko$ ps e -A | grep yes
    3613 s000 R+ 0:28.68 yes foo=1
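
Added example, not part of the original message or of any poster's code: one way to implement the mechanism Kevin Reid suggests in the quoted text, where only the file name travels in argv and the program reads the capability from that file. The owner and permission checks, the function names and the sample value are assumptions made for this illustration.

```python
import os
import stat
import sys
import tempfile


class UnsafeCapabilityFile(Exception):
    """The file could be read or replaced by someone other than its owner."""


def read_capability(path, max_bytes=4096):
    """Return the capability stored in `path`; only the path appears in argv."""
    # O_NOFOLLOW: refuse a symlink as the final path component.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    try:
        # fstat the descriptor we opened, so the checks and the read
        # refer to the same file even if the path is swapped afterwards.
        st = os.fstat(fd)
        if not stat.S_ISREG(st.st_mode):
            raise UnsafeCapabilityFile(f"{path}: not a regular file")
        if st.st_uid != os.geteuid():
            raise UnsafeCapabilityFile(f"{path}: not owned by the current user")
        if stat.S_IMODE(st.st_mode) & (stat.S_IRWXG | stat.S_IRWXO):
            raise UnsafeCapabilityFile(f"{path}: accessible by group or others")
        data = os.read(fd, max_bytes)
    finally:
        os.close(fd)
    return data.decode("utf-8").strip()


def demo():
    """Constructed sample: accept a 0600 file, reject it once loosened to 0644."""
    fd, path = tempfile.mkstemp()  # mkstemp creates the file with mode 0600
    try:
        os.write(fd, b"constructed-sample-capability\n")
        os.close(fd)
        accepted = read_capability(path)
        os.chmod(path, 0o644)  # now readable by other users
        try:
            read_capability(path)
            rejected = False
        except UnsafeCapabilityFile:
            rejected = True
        return accepted, rejected
    finally:
        os.unlink(path)


if __name__ == "__main__":
    # With a file name argument, load it and report only its length.
    print(len(read_capability(sys.argv[1])) if len(sys.argv) > 1 else demo())
```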