From owner-freebsd-security Tue Aug 11 13:45:16 1998
Date: Tue, 11 Aug 1998 13:44:12 -0700 (PDT)
From: Marc Slemko <marcs@go2net.com>
To: "Mark J. Taylor"
cc: freebsd-security@FreeBSD.ORG
Subject: Re: Possible security "risk" in ftp client

On Tue, 11 Aug 1998, Mark J. Taylor wrote:

> The neat-o FTP client program in FreeBSD "/usr/bin/ftp" has a
> cool but horrible feature: you can specify the user name and
> password to use via the command line (in the URL), as in:
> /usr/bin/ftp ftp://myname@mypass/ftp.freebsd.org/
>
> This is actually quite bad: any "ps -ax" will show the username
> and password. Using setproctitle(3) would be an attempt to close
> this, but it would create a race condition.
>
> The program "/usr/bin/fetch" does it better: use the environment
> variables FTP_LOGIN and FTP_PASSWORD.

Naw, that is worse since you can just use ps to grab it; the reason it is
worse is because it tends to lead to people leaving it set when they
aren't actually using the program.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
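The exposure both posters describe, turned into a check you can run against your own processes. This is an added example, not code from the thread and not FreeBSD's ftp(1) or fetch(1) source: it starts a child carrying a constructed password in a URL argument and another in FTP_PASSWORD, reads back the child's argv and environment the way any other account on the host would (Linux /proc, with POSIX `ps -o args` and FreeBSD's `ps -e` as the fallbacks; the BSD ps option is an assumption here), and then writes the ~/.netrc entry that ftp(1) reads instead, with the 0600 mode BSD ftp insists on before it will use a stored password. The secrets, the host ftp.example.com and the temporary file paths are all constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the thread, nor FreeBSD's ftp/fetch code).
# Audits a child process for a secret placed in its argv and in its
# environment, then shows the ~/.netrc route ftp(1) already supports.
# All secrets, the host name and file paths are constructed for the demo.

SECRET_ARGV='mypass-in-argv'   # constructed password passed in a URL
SECRET_ENV='mypass-in-env'     # constructed password passed via FTP_PASSWORD

# Start a long-lived child that carries both secrets and record its PID in
# CHILD_PID. 'sh -c' keeps the URL in argv the way "ftp ftp://user:pass@host/"
# would; the two-command body stops the shell from exec'ing sleep directly.
start_child() {
    FTP_PASSWORD="$SECRET_ENV" sh -c 'sleep 20; :' ftp \
        "ftp://myname:$SECRET_ARGV@ftp.example.com/" >/dev/null 2>&1 &
    CHILD_PID=$!
    sleep 1   # let the child exec before we inspect it
}

# argv of a process as any user on the host can read it. Linux: /proc, where
# cmdline is world-readable; elsewhere (FreeBSD) fall back to POSIX ps.
proc_argv() {
    if [ -r "/proc/$1/cmdline" ]; then
        tr '\0' ' ' < "/proc/$1/cmdline"
    else
        ps -o args= -p "$1"
    fi
}

# Environment of a process. Linux exposes it in /proc (readable only by the
# process owner and root, unlike cmdline). On FreeBSD, ps(1) appends the
# environment to the command column with -e (assumption: BSD ps semantics;
# on Linux procps, -e means "all processes" instead).
proc_env() {
    if [ -r "/proc/$1/environ" ]; then
        tr '\0' '\n' < "/proc/$1/environ"
    else
        ps -e -o command= -p "$1"
    fi
}

# True (exit 0) when the secret string is visible in argv / env of the PID.
secret_in_argv() { proc_argv "$1" | grep -q -F -- "$2"; }
secret_in_env()  { proc_env  "$1" | grep -q -F -- "$2"; }

# The alternative: keep the password in a ~/.netrc entry that ftp(1) reads.
# It is then exposed only to whoever can read the file, so create it 0600
# from the start (umask inside a subshell, so the caller's umask is untouched).
#   $1 = path, $2 = machine, $3 = login, $4 = password
write_netrc() {
    ( umask 077
      printf 'machine %s login %s password %s\n' "$2" "$3" "$4" > "$1" )
}

# True when group and other have no permission bits on the file, the
# condition BSD ftp enforces before it will use a password from .netrc.
netrc_mode_ok() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Run the audit end to end and report what an observer on the host would see.
main() {
    start_child
    secret_in_argv "$CHILD_PID" "$SECRET_ARGV" && echo "argv leaks the URL password (visible to every user via ps)"
    secret_in_env  "$CHILD_PID" "$SECRET_ENV"  && echo "environment leaks FTP_PASSWORD (visible to the owner, root, or ps -e on BSD)"
    kill "$CHILD_PID" 2>/dev/null

    dir=$(mktemp -d)
    write_netrc "$dir/netrc" ftp.example.com myname "$SECRET_ARGV"
    netrc_mode_ok "$dir/netrc" && echo ".netrc is mode 0600: password is not in argv or the environment"
    rm -rf "$dir"
}
main
```

Run it as an unprivileged user to see both leaks reported for the child. The two exposures are not equal on every system: a process's argv is readable by every account on the host, while on current Linux the environment in /proc is restricted to the process owner and root, so the URL form is the wider leak; the thread's point about environment variables lingering in a shell for longer than the command runs still applies. The .netrc file limits exposure to whoever can read that file, which is why the mode check matters.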