[PATCH] sys.modify_argv()
Paul Rubin
phr-n2001 at nightsong.com
Sat Aug 25 12:13:32 EDT 2001
Skip Montanaro <skip at pobox.com> writes:
> Paul> The idea is to run a command with a password on the command line,
> Paul> and not have the password stay visible to "ps" through the whole
> Paul> time the process is running.
>
> I trust everyone recognizes the race condition here. Passwords shouldn't be
> on command lines if they are sensitive.
1) Maybe so, but it's better to have them visible to ps for a fraction
of a second than for the whole time that a process is running (which
might be "forever" in the case of a server).
2) It's also possible (especially in the case of a server) that no one
else is logged on at the time that the process starts, in which case
it's perfectly safe to have the password on the command line for that
moment.
More information about the Python-list
mailing list