How does ps know to hide passwords?
Solution 1
ps does not hide the password. Applications like mysql overwrite the argument list that they got. Please note that there is a small time frame (possibly extendable by high system load) where the arguments are visible to other applications until they are overwritten. Hiding the process from other users could help. In general it is much better to pass passwords via files than on the command line.
This article describes how to do this in C. The following example hides/deletes all command line arguments:
    #include <string.h>

    int main(int argc, char **argv)
    {
        // process command line arguments....

        // hide command line arguments
        if (argc > 1) {
            char *arg_end;
            arg_end = argv[argc-1] + strlen (argv[argc-1]);
            *arg_end = ' ';
        }

        // ...
    }
Look also at https://stackoverflow.com/questions/724582/hide-arguments-from-ps and https://stackoverflow.com/questions/3830823/hiding-secret-from-command-line-parameter-on-unix .
Solution 2
The mysql program replaces the password from the command line with x in this line of code:

    while (*argument) *argument++= 'x'; // Destroy argument
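The technique both answers describe, as an added example that is not code from either answer or from mysql: the password is copied into private memory first, then the bytes in argv are overwritten in place. The helper name `take_password_arg`, the `-p<password>` argument form and the Linux-only `/proc/self/cmdline` read-back are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: find the first "-p<password>" argument, return a heap
 * copy of the password, and overwrite the original bytes with `fill`
 * ('x' as mysql does, or '\0' so the length is not visible either).
 * The length is measured before the wipe so a '\0' fill clears every byte. */
char *take_password_arg(int argc, char **argv, char fill)
{
    for (int i = 1; i < argc; i++) {
        if (strncmp(argv[i], "-p", 2) != 0 || argv[i][2] == '\0')
            continue;
        char *secret = argv[i] + 2;
        size_t len = strlen(secret);
        char *copy = malloc(len + 1);
        if (copy == NULL)
            return NULL;
        memcpy(copy, secret, len + 1);
        /* volatile keeps the compiler from dropping the wipe as a dead store */
        volatile char *p = secret;
        for (size_t n = 0; n < len; n++)
            p[n] = fill;
        return copy;
    }
    return NULL;
}

int main(int argc, char **argv)
{
    char *password = take_password_arg(argc, argv, 'x');
    char buf[4096];
    FILE *f = fopen("/proc/self/cmdline", "r");   /* Linux-specific */
    if (f != NULL) {
        size_t n = fread(buf, 1, sizeof buf - 1, f);
        fclose(f);
        for (size_t i = 0; i + 1 < n; i++)        /* NUL separators -> spaces */
            if (buf[i] == '\0') buf[i] = ' ';
        buf[n] = '\0';
        printf("cmdline now: %s\n", buf);
    }
    printf("password %s\n", password ? "captured" : "not given");
    free(password);
    return 0;
}
```

The arguments are still readable between process start and the call to the helper, which is the time frame Solution 1 warns about.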
dotancohen
Updated on September 18, 2022
dotancohen almost 2 years
Witness:
    $ ps f
      PID TTY      STAT   TIME COMMAND
    31509 pts/3    Ss     0:01 -bash
    27266 pts/3    S+     0:00  \_ mysql -uroot -p
    25210 pts/10   Ss+    0:00 /bin/bash
    24444 pts/4    Ss     0:00 -bash
    29111 pts/4    S+     0:00  \_ tmux attach
     4833 pts/5    Ss+    0:00 -bash
     9046 pts/6    Ss     0:00 -bash
    17749 pts/6    R+     0:00  \_ ps f
     4748 pts/0    Ss     0:00 -bash
    14635 pts/0    T      0:02  \_ mysql -uroot -px xxxxxxxxxxxxxxxx
    16210 pts/0    S+     0:01  \_ mysql -uroot -px xxxxxxxxxxxxxxxx

How did ps know to hide the mysql passwords? Can I incorporate this into my own scripts to hide particular CLI attributes?
-
dotancohen almost 11 years
Thank you, that is an informative document. I'll see about how I might overwrite cli arguments in my own scripts.
-
Drav Sloan almost 11 years
@manatwork I would put that as an answer, because that is exactly what is happening - and it's a useful link for security issues regarding mysql. :)
-
Gilles 'SO- stop being evil' almost 11 years
Note that while command line arguments can be snooped, environment variables are safe.
-
dotancohen almost 11 years
Very nice, thanks. I did not realize that the arguments are mutable as such.
-
ash almost 11 years
Also note that not all programs will do this with passwords.
-
schemacs over 10 years
The link to this article is broken. Can anyone explain the code for me? (Why does the code work, just setting \0 to a space?) Any link to setproctitle()?
-
schemacs over 10 years
Or the answer lies here?
-
wizzwizz4 almost 7 years
Unfortunately, that's not as secure as it could be. You can tell how long the password is. It's better to replace it with \0 so that you need extra information to find the password length (without UB / SEGFAULT).