tjo@its.bt.co.uk (Tim Oldham) (02/23/90)
In article <3536@zorba.Tynan.COM> kingman@tci.bell-atl.com (Matt Kingman) writes: >Hi. I have an application that requires the user to enter a password >on the command line. In the good old days, I could modify argv in place >to block out the password, so that when other users did a 'ps' they can't >see the password. On System V 3.X, the command line arguments get copied >to the user struct so that modifying argv doesn't do the trick anymore. >'ps' looks at the user struct for it's information. My question is: >Is there any way to access the user struct from within my program so that >I can block out the password? How do I find it? (Having the program prompt >the user for the password is an obvious workaround but there must be some >way to access the user struct). Thanks for any help/information. Well, I won't comment on what you're trying to do, although I think you're approaching the problem the wrong way. However, you could try this if you insist: Open /dev/kmem. Seek to UAREA_SYSVMADDR, or whatever it is, which should be in <sys/user.h>. Read the u area. Fix it and write it. This has its problems in that it probably won't work. I'm not sure what will happen on write - all I've ever done is read it. It's also revoltingly non-portable (try it on VMS :-) /dev/kmem needs to be 0666, or your code setuid, as well, which have their own sets of associated problems. 0666 for /dev/kmem is rather dangerous... As I say, don't do it. Passwords on command lines is horrible. Tim. -- Tim Oldham, BT Applied Systems. tjo@its.bt.co.uk or ...!ukc!axion!its!tjo Less is more, but not as much as more.