Date: Sat, 13 Nov 1999 11:50:26 -0500 (EST)
From: Robert Watson <robert@cyrus.watson.org>
To: Alexander Leidinger <A.Leidinger@WJPServer.CS.Uni-SB.de>
Cc: dcs@newsguy.com, current@freebsd.org
Subject: Re: "man" reads /etc/rc.conf?
Message-ID: <Pine.BSF.3.96.991113114201.1274A-100000@fledge.watson.org>
In-Reply-To: <199911131039.LAA00913@work.net.local>
On Sat, 13 Nov 1999, Alexander Leidinger wrote:

> On 12 Nov, Robert Watson wrote:
>
> >> >> >> (102) netchild@ttyp2 > grep cat /etc/rc.conf.local
> >> >> >> spppconfig_isp0="`cat /etc/isdn/connect.parameters`"
> >> >                      ^^^
> >> > Calling programs from any of the rc.conf files is considered evil
> >> > and it's looked down on.
> >>
> >> It's there to hide login/passwd information for i4b.
> >
> > But it seems like they end up as arguments to ifconfig at a later date,
>                                                ^^ s/if/spp/
>
> > where a user can pull them out of ps, /proc, etc.  The window there
> > is clearly shorter than keeping it in /etc/rc.conf, but still not
>
> It will only be in /proc (ps, etc.) at execution-/boot-time or am I
> missing something?

Yes -- the window of exposure is while a program is running that either
a) has the password as a command line argument, or b) has the variable as
an environmental variable.  Opportunities for using ps to pull this
information out happen after the sppp* portion of rc.network, but begin as
early as sendmail (.forward and deferred delivery), cron (crontab), httpd
(cgi), etc.

And it's important to keep in mind that every time rc.conf is executed, it
will pull in the password using the `...` clause, and store it in the
execution environment of the caller.  Not the same as being in the exposed
environmental variables, but it's more exposure in the sense that if the
program core dumps (i.e., the sh running the script that invoked
/etc/rc.conf) the contents will be in the dump.  Later invocations of
spppcontrol in userland will expose their arguments to the world also.

The generally preferred way to pass in passwords to a program is either to
provide the program with an argument that is the filename storing the
password, or to pass it in via stdin.  E.g.,

  % program -p /etc/private/my_password
  % cat /etc/private/my_password | program -p -

Robert N M Watson

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services
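The exposure window Robert describes, and the two alternatives he recommends, can be checked on any Unix box with the script below. It is an added example, not code from the mail or from FreeBSD's rc scripts: the long-running consumer (spppcontrol in the thread) is replaced by a hypothetical sh that merely sleeps, the secret is a constructed sample value, and the process table is read through /proc/<pid>/cmdline where available, falling back to ps. It shows that a secret in argv is visible to anyone who can run ps for as long as the process lives, while a secret handed over as a filename or on stdin never appears there. It does not model the environment-variable or core-dump cases the mail also mentions.

```shell
#!/bin/sh
# Added example; not code from the mail above or from FreeBSD's rc scripts.
# Contrasts the three ways of handing a secret to a child process that the
# reply discusses. The consumer (spppcontrol in the thread) is a hypothetical
# sh that sleeps long enough to be inspected.

SECRET='hunter2-constructed-sample'   # constructed sample value, not a real secret

# Argument vector of a live process, as any local user could read it.
argv_of() {
    if [ -r "/proc/$1/cmdline" ]; then
        tr '\0' ' ' < "/proc/$1/cmdline" || true
    else
        ps -o args= -p "$1" 2>/dev/null || true
    fi
}

# Pattern 1 (rc.conf variable expanded onto a command line): secret in argv.
# The trailing "exit 0" keeps sh from exec'ing sleep directly, so the sh
# process, and with it the argv holding the secret, stays alive.
leaky_launch() {
    sh -c 'sleep 3; exit 0' "$1" >/dev/null 2>&1 &
    echo $!
}

# Pattern 2 (the mail's "-p /etc/private/my_password"): only a filename is
# passed; the program reads the secret itself.
file_launch() {
    sh -c 'read -r pw < "$1"; sleep 3; exit 0' _ "$1" >/dev/null 2>&1 &
    echo $!
}

# Pattern 3 (the mail's "| program -p -"): the secret arrives on stdin.
# The here-document reaches the child through a pipe or temp file, not argv.
stdin_launch() {
    sh -c 'read -r pw; sleep 3; exit 0' >/dev/null 2>&1 <<EOF &
$1
EOF
    echo $!
}

# Wait until the child has exec'd (its argv then contains "sleep"), then
# report whether the secret is visible in that argv.
classify() {
    n=0
    while [ "$n" -lt 10 ]; do
        line=$(argv_of "$1")
        case $line in *sleep*) break ;; esac
        n=$((n + 1)); sleep 1
    done
    case $line in *"$SECRET"*) echo exposed ;; *) echo hidden ;; esac
}

exposure_report() {
    dir=$(mktemp -d)
    (umask 077; printf '%s\n' "$SECRET" > "$dir/pw")   # owner-only password file
    p1=$(leaky_launch "$SECRET"); r1=$(classify "$p1")
    p2=$(file_launch "$dir/pw");  r2=$(classify "$p2")
    p3=$(stdin_launch "$SECRET"); r3=$(classify "$p3")
    kill "$p1" "$p2" "$p3" 2>/dev/null || true
    rm -rf "$dir"
    echo "argv=$r1 file=$r2 stdin=$r3"
}

exposure_report   # prints: argv=exposed file=hidden stdin=hidden
```

The password file is created under umask 077 so only its owner can read it, which is the property that makes the filename approach safe; the same check run against a world-readable file would merely move the exposure from ps to the filesystem.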