From owner-freebsd-security Wed Aug 12 09:21:27 1998
Return-Path:
Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA20532 for freebsd-security-outgoing; Wed, 12 Aug 1998 09:21:27 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from shamash3.shamash.org (shamash3.shamash.org [207.244.122.42]) by hub.freebsd.org (8.8.8/8.8.8) with SMTP id JAA20520 for ; Wed, 12 Aug 1998 09:21:22 -0700 (PDT) (envelope-from k@shamash.org)
Received: (qmail 2835 invoked by uid 65544); 12 Aug 1998 16:21:10 -0000
Message-ID: <19980812122110.A1446@yt.to>
Date: Wed, 12 Aug 1998 12:21:10 -0400
From: Louis Theran
To: freebsd-security@FreeBSD.ORG
Subject: Re: Possible security "risk" in ftp client
Mail-Followup-To: freebsd-security@FreeBSD.ORG
References:
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.93i
In-Reply-To: ; from Mark J. Taylor on Tue, Aug 11, 1998 at 04:38:22PM -0400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Tue, Aug 11, 1998 at 04:38:22PM -0400, Mark J. Taylor wrote:
>
> The neat-o FTP client program in FreeBSD "/usr/bin/ftp" has a
> cool but horrible feature: you can specify the user name and
> password to use via the command line (in the URL), as in:
> /usr/bin/ftp ftp://myname@mypass/ftp.freebsd.org/
>
> This is actually quite bad: any "ps -ax" will show the username
> and password. Using setproctitle(3) would be an attempt to close
> this, but it would create a race condition.
>
> The program "/usr/bin/fetch" does it better: use the environment
> variables FTP_LOGIN and FTP_PASSWORD.

That is even worse, since you can still use ps axeww to see the
environment, and people tend to leave the env vars set all the time.

--
Louis Theran
"Te occidere possunt, sed te edere non possunt nefas quo est."
PGP welcome; key at: k-pgpkey@yt.to

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
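Added example, not part of the thread above and not code from FreeBSD's ftp(1) or fetch(1): a small POSIX sh audit that flags the two exposures the thread discusses, a password embedded in a URL on a command line (visible in any process listing) and an FTP_PASSWORD variable in a process environment, and checks that a credentials file such as ~/.netrc (which ftp(1) reads as the usual alternative to putting the password on the command line) is readable by its owner only. The process-listing lines are constructed samples, not real ps output, and the function names are this example's own.

```shell
#!/bin/sh
# Return 0 when a ps-style line carries a URL with user:password@ in it,
# i.e. a password handed over in argv (the ftp(1) case from the thread).
has_url_credential() {
    printf '%s\n' "$1" | grep -Eq '[a-z]+://[^/@[:space:]]+:[^/@[:space:]]+@'
}

# Return 0 when a line from an environment-showing listing (ps axeww)
# contains an FTP_PASSWORD=value token (the fetch(1) case from the thread).
has_env_credential() {
    printf '%s\n' "$1" | grep -Eq '(^|[[:space:]])FTP_PASSWORD=[^[:space:]]+'
}

# Count the lines on stdin that expose a credential either way.
count_exposed() {
    n=0
    while IFS= read -r line; do
        if has_url_credential "$line" || has_env_credential "$line"; then
            n=$((n + 1))
        fi
    done
    echo "$n"
}

# A credentials file must be readable by its owner only (mode 0600).
# ls(1) is parsed instead of stat(1) because stat's flags differ between
# BSD and GNU; column 1 is the type, columns 2-10 the permission bits.
creds_file_mode_ok() {
    perms=$(ls -ld "$1" | cut -c2-10)
    [ "$perms" = "rw-------" ]
}

# Constructed sample of what `ps axeww` might show (not real output).
SAMPLE='  101 p0  S+   0:00.01 /usr/bin/ftp ftp://myname:mypass@ftp.example.org/
  102 p0  S+   0:00.01 /usr/bin/ftp ftp://ftp.example.org/
  103 p1  Ss   0:00.03 -sh HOME=/home/me FTP_LOGIN=myname FTP_PASSWORD=mypass
  104 p1  S+   0:00.02 /usr/bin/fetch http://www.example.org:8080/file'

# Stand-alone run: report how many sample lines leak a credential.
echo "exposed credential lines: $(printf '%s\n' "$SAMPLE" | count_exposed)"
```

Run it against live output with `ps axeww | count_exposed` after sourcing the functions; the URL pattern deliberately requires a colon before the `@` so that `user@host` without a password and `host:port/path` without userinfo do not count.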