Return to BSD News archive
Xref: sserve comp.os.386bsd.misc:643 alt.security.pgp:1300
Path: sserve!newshost.anu.edu.au!munnari.oz.au!network.ucsd.edu!news.cerf.net!pagesat!decwrl!uunet!Germany.EU.net!mcsun!news.eunet.fi!funic!nntp.hut.fi!nntp.hut.fi!tri
From: tri@snakemail.hut.fi (Timo Rinne)
Newsgroups: comp.os.386bsd.misc,alt.security.pgp
Subject: PGP-2.3a hide command line arguments
Date: 30 Jul 93 04:36:10 GMT
Organization: Helsinki University of Technology
Lines: 109
Distribution: inet
Message-ID: <TRI.93Jul30063610@beta.hut.fi>
Reply-To: Timo.Rinne@hut.fi
NNTP-Posting-Host: beta.hut.fi
-----BEGIN PGP SIGNED MESSAGE-----
I hacked a patch for pgp version 2.3a to hide it's command line
arguments so that they can not be seen from ps(1) output. It seems to
work ok in 386bsd. I haven't tested it on other systems but it should
work on BSD 4.3 systems that are _NOT_ based on MACH.
Install this patch with `patch -p < filename'.
- --
I Timo Rinne I Cirion oy I Working computer hardware is a lot I
I Timo.Rinne@hut.fi I PL 250 I like an erect penis: It stays up I
I tri@cirion.fi I 00120 HELSINKI I as long as you don't fuck with it. I
Hi! I am a .signature virus. Copy me into your .signature to join in!
*** PGP 2.3 public key available ***
>>>>>>>>>>>>>>>>>> C U T H E R E >>>>>>>>>>>>>>>>>>
*** pgp.c.orig Sat Jul 3 02:22:22 1993
- --- pgp.c Fri Jul 30 06:21:02 1993
***************
*** 327,332 ****
- --- 327,388 ----
#endif /* TEMP_VERSION */
+ #if defined(__386BSD__)
+ /*
+ ** Command line argument hiding in 386bsd. This should work on other
+ ** BSD 4.3 systems, except on those based on MACH. This kludge is
+ ** written by Timo Rinne <tri@cirion.fi> July 1993. I hope you find
+ ** this one makes you feel a little bit ($0.05) more secure.
+ ** Macro INIT_PROC_TITLE is to be called first thing in the main function.
+ ** arguments argv and argc shoud be passed to main. This section is part
+ ** of the main program module and should be before main function.
+ */
+ #define INIT_PROC_TITLE() ((Argv = argv), \
+ (LastArgv = argv[argc-1] + strlen(argv[argc-1])), \
+ (argv = DuplicateArgv(argc, argv)), \
+ (SetProcTitle("")))
+ /*
+ ** Idea of function setproctitle is from sendmail 5.64.
+ */
+ static char **Argv = NULL; /* pointer to argument vector */
+ static char *LastArgv = NULL; /* mpinter to the end of argument space. */
+ static SetProcTitle(char *str)
+ {
+ char *p;
+ int i;
+ char buf[256];
+ strncpy(buf, str, 255);
+ buf[255] = '\000';
+ p = Argv[0];
+ *p++ = '-';
+ i = strlen(buf);
+ if (i > LastArgv - p - 2) {
+ i = LastArgv - p - 2;
+ buf[i] = '\0';
+ }
+ (void)strcpy(p, buf);
+ p += i;
+ while (p < LastArgv)
+ *p++ = ' ';
+ }
+ /*
+ ** This function duplicates argv vector. Function xmalloc is part of
+ ** the pgp package and it is simply malloc that returns only if memory
+ ** allocation is succesfull. Unsuccesful xalloc aborts program.
+ */
+ static char **DuplicateArgv(int argc, char **argv)
+ {
+ char **nargv;
+ int i;
+ nargv = (char **)xmalloc((argc + 1) * sizeof(char *));
+ nargv[argc] = NULL;
+ for(i = 0; (argv && (i < argc) && (argv[i])); i++) {
+ nargv[i] = (char *)xmalloc((strlen(argv[i]) + 1) * sizeof(char));
+ strcpy(nargv[i], argv[i]);
+ }
+ return nargv;
+ }
+ #endif /* defined(__386BSD__) */
/* -f means act as a unix-style filter */
/* -i means internalize extended file attribute information, only supported
***************
*** 410,415 ****
- --- 466,474 ----
#ifdef DEBUG1
verbose = TRUE;
#endif
+ #if defined(__386BSD__)
+ INIT_PROC_TITLE();
+ #endif /* defined(__386BSD__) */
/* The various places one can get passwords from.
* We accumulate them all into two lists. One is
* to try on keys only, and is stored in no particular
>>>>>>>>>>>>>>>>>> C U T H E R E >>>>>>>>>>>>>>>>>>
-----BEGIN PGP SIGNATURE-----
Version: 2.3a
iQCVAgUBLFiWkd023rbQXPl5AQEJwQQA7u4QoMYG164T+2Q8vSqLfrN7mOtaCnxq
rZEiuwPmj/npbOxadWIvEZOuckB/7Bhf1G02te8RyNcWBYy2Z0VNcs3p2Rh1fjLP
tXm/5jCQkdLMysqVPitJoc3Ot3agiUETC1kDtZsuUfL41v8RHS1ZQnJU+ag3V8FR
rt+JPcHY1wk=
=uken
-----END PGP SIGNATURE-----