1993-05-26 - Re: PGP: Environment protection for UNIX

Header Data

From: J. Michael Diehl <mdiehl@triton.unm.edu>
To: stig@netcom.com (Stig)
Message Hash: 798edd7450b2c69d3449060166e861591177bdee25fd59950fcbf7fb9c5c7cc0
Message ID: <9305260707.AA15163@triton.unm.edu>
Reply To: <9305260645.AA14381@netcom.netcom.com>
UTC Datetime: 1993-05-26 07:07:48 UTC
Raw Date: Wed, 26 May 93 00:07:48 PDT

Raw message

From: J. Michael Diehl <mdiehl@triton.unm.edu>
Date: Wed, 26 May 93 00:07:48 PDT
To: stig@netcom.com (Stig)
Subject: Re: PGP:  Environment protection for UNIX
In-Reply-To: <9305260645.AA14381@netcom.netcom.com>
Message-ID: <9305260707.AA15163@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain


> I wrote:
> > 	main (int argn, char **argv, char **envv)
> > 	{
> > 	    for ( ; *envv ; ++envv) {
> > 	        if (!strncmp(*envv,"PGP",3)) {
> > 	            char *c=*envv;
> > 	            while (*c) *c++=' ';
> > 	        } /* end of if */
> > 	    } /* end of for */
> > 	    system("printenv");
> > 	    sleep(10);
> > 	}
> And I should've enclosed it in #ifdef STUPID ... #endif.  I misread
> the putenv(3) man page and didn't realize that you could just use 
> 
> 	putenv("PGPPATH=");
> 	putenv("PGPPASS=");
> 
> To wipe those variables out of your environment...  They still might
> get caught by a 'ps -eaxuww' but chances are slim.  Is it posible to
> alter your arguments so they're not visible to 'ps -auxww'?

Well, I like this one.  It lets you put little messages in place of argv[0].

#include <stdio.h>

char 	buff[100];
int	esc = 27;

void main(int argc, char *argv[])
{
puts("Enter message.\n");
scanf("%s", buff); 
execl("/nfs/dorado/unsup/bin/ftp", buff, NULL);
}


+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu |   But, I was mistaken.      |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"   <Me>                     |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+





Thread