From owner-freebsd-security  Wed Aug 12 01:25:15 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id BAA18817
          for freebsd-security-outgoing; Wed, 12 Aug 1998 01:25:15 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from ocean.campus.luth.se (ocean.campus.luth.se [130.240.194.116])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA18802
          for <freebsd-security@FreeBSD.ORG>; Wed, 12 Aug 1998 01:25:09 -0700 (PDT)
          (envelope-from karpen@ocean.campus.luth.se)
Received: (from karpen@localhost)
	by ocean.campus.luth.se (8.8.8/8.8.8) id KAA03393;
	Wed, 12 Aug 1998 10:14:24 +0200 (CEST)
	(envelope-from karpen)
From: Mikael Karpberg <karpen@ocean.campus.luth.se>
Message-Id: <199808120814.KAA03393@ocean.campus.luth.se>
Subject: Re: Possible security "risk" in ftp client
In-Reply-To: <199808120402.WAA04333@harmony.village.org> from Warner Losh at "Aug 11, 98 10:02:30 pm"
To: imp@village.org (Warner Losh)
Date: Wed, 12 Aug 1998 10:14:24 +0200 (CEST)
Cc: freebsd-security@FreeBSD.ORG
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

According to Warner Losh:
> My biggest complaint about ps is that if someone does a ps while our
> PPP server is dialing up the remote host, then they get to see what
> our phone number and password are... :-(  I would welcome privacy
> enhancements in this area.

Instead of changing "ftp", would it not be better to change ppp and ftp
as has been mentioned before? (Make them call setproctitle(3), IIRC?)

  /Mikael

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message