Hiding command line arguments in ps command on Linux

Hi Unix lovers,

I am trying to find an explanation for a simple-looking piece of code: why does it work?

I found the program below, which hides command line arguments from the ps command.

#include <string.h>

int main(int argc, char **argv)
{
    // process command line arguments....

    // hide command line arguments
    if (argc > 1) {
        char *arg_end;    
        arg_end = argv[argc-1] + strlen (argv[argc-1]);
        *arg_end = ' ';
    }

    // ...
}

The program can be found at
security - How does ps know to hide passwords? - Unix & Linux Stack Exchange

Can anyone explain why and how this code works? I am finding it hard to understand :(.

I ran this program on Linux. Not sure if it works on Solaris, HP, etc.

Thanks in advance,

-Ashish

Generally when I have tried to hide passwords in ps I have either left padded the
command with spaces, which hides the commands or piped the password into
the command such as:

echo "system/manager" | imp file=...

By piping the password into the command, the commands won't see the
password, but the program you are running will see the password.

The answer to how that program works is in the URL you linked.

The called program overwrites its arguments after making a copy of them. But as one of the other comments adds, there's still a brief period of time when the command's arguments are visible, so it's not foolproof.

The only way to make sure information you want to remain private isn't exposed as a command argument is to either encrypt it first, or to have the calling and called program communicate the info some other way. You could use a file, shared memory, IPC, a pipe, etc...


Also: Arguments aren't writable on a lot of platforms; there are many places where that would just crash.

The better solution would be to not do that in the first place, to transfer passwords via file or pipe. Or just not use them in the first place.
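The pipe approach recommended in the replies above, as an added example that is not part of the original thread: the program takes its secret from standard input instead of argv, then checks on Linux that the secret does not appear in /proc/self/cmdline, the argument area that ps reads. The function names read_secret and cmdline_contains and the ./prog name are hypothetical, and the /proc check is Linux-specific.

```c
/* Added example: take a secret from stdin (a pipe) rather than argv, and
 * check on Linux that it is absent from /proc/self/cmdline, which ps reads. */
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Read one line (the secret) from fd into buf; returns its length or -1. */
long read_secret(int fd, char *buf, size_t size)
{
    size_t n = 0;
    char c;
    while (n + 1 < size) {
        ssize_t r = read(fd, &c, 1);
        if (r < 0) return -1;
        if (r == 0 || c == '\n') break;   /* EOF or end of line */
        buf[n++] = c;
    }
    buf[n] = '\0';
    return (long)n;
}

/* 1 if needle occurs in this process's argument area as ps would see it,
 * 0 if not, -1 if /proc/self/cmdline cannot be read (e.g. not Linux). */
int cmdline_contains(const char *needle)
{
    char buf[4096];
    FILE *f = fopen("/proc/self/cmdline", "rb");
    if (!f) return -1;
    size_t len = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    for (size_t i = 0; i < len; i++)      /* arguments are NUL-separated */
        if (buf[i] == '\0') buf[i] = ' ';
    buf[len] = '\0';
    return strstr(buf, needle) != NULL;
}

int main(void)
{
    char secret[256];
    if (read_secret(STDIN_FILENO, secret, sizeof secret) <= 0) {
        fprintf(stderr, "usage: echo SECRET | ./prog\n");  /* hypothetical name */
        return 1;
    }
    int seen = cmdline_contains(secret);
    printf("secret length %zu, visible in cmdline: %s\n", strlen(secret),
           seen == 1 ? "yes" : seen == 0 ? "no" : "unknown");
    return 0;
}
```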

A bit late, but I'll toss it out there anyway:

Some OSes also make a copy of the initial command line arguments. For example, Solaris keeps a copy of the first 80 characters of the initial command line arguments. In kernel space.

So even if you can write over the copy of the command line arguments passed into your program, that may not be the only copy.