Re: Hiding password from ps - Need better solution
From: Ken Hill <khill0_at_sct.edu>
Date: 1996/04/10
Message-ID: <4kglb5$q63_at_news-read-1.PeachNet.EDU>#1/1
Date: 1996/04/10
Message-ID: <4kglb5$q63_at_news-read-1.PeachNet.EDU>#1/1
In article <4k7ftq$6c9_at_gaia.cc.gatech.edu>, badri_at_cc.gatech.edu (badri) wrote:
>Hi:
>
> We have an ORACLE 7.2 database on Dynix/ptx 4.1.2. I wanted
>to hide the username and password from "ps" command.
Badri, This is the header directly from hide.c: ***
DESCRIPTION
Hides arguments for programs on UNIX systems.
Can be used as a program prefix: hide program arguments
or as a symbolic link. If this program is not invoked as hide, it
will hide its arguments and invoke the program name.hide
The best way to use this is to rename your critical programs to
program.hide, and create a symbolic link program to hide.
>>> mv sqlplus sqlplus.hide; ln -s hide sqlplus <<<
Thus when sqlplus is invoked, its arguments will be hidden
NOTES
This program works by padding 3000 '/' chars in argv[0]. This fools
all known ps's. This will reduce the argument capacity of your
program by 3000 chars. A good enhancement would be to reduce the
padding if needed so that no arguments are lost - would require a
method of determining the max argument size on the system. Some
system's provide the E2BIG error on exec.
There is some performace penalty for using this program, but it is
minimal because this program is so small - the biggest cost is the
extra exec required to get this program started.
***
I use it exactly as quoted and it works just. Make sure everything is linked correctly, but all you can see from the ps -ef is 'sqlplus', no 'login/password'.... KenReceived on Wed Apr 10 1996 - 00:00:00 CEST