
Shell script password security of command-line parameters

If I use a password as a command-line parameter, it's public on the system using ps.

But if I'm in a bash shell script and I do something like:

...
{ somecommand -p mypassword }
...

is this still going to show up in the process list? Or is this safe?

  • How about sub-processes: (...)? Unsafe, right?
  • coprocess?

Command lines will always be visible (if only through /proc).

So the only real solution is: don't. You might supply it on stdin, or on a dedicated fd:

./my_secured_process some parameters 3<<< "b@dP2ssword"

with a script like (simplicity first)

#!/bin/bash
# read the secret from fd 3 (duplicated onto stdin for cat) and dump it
cat 0<&3

(this sample would just dump a bad password to stdout)

Now all you need to be concerned with is:

  • MITM (spoofed scripts that eavesdrop on the password, e.g. by subverting PATH)
  • bash history retaining your password in the command line (look at HISTIGNORE for bash, e.g.)
  • the security of the script that contains the password redirection
  • security of the ttys used; keyloggers; ... as you can see, we have now descended into 'general security principles'

The called program can change its command line by simply overwriting argv like this:

#include <stdlib.h>
#include <string.h>
#include <unistd.h>   /* sleep() */

int main(int argc, char** argv) {
    if (argc < 1)
        return 1;
    /* argv strings are laid out contiguously: span from argv[0] to the
       terminating NUL of the last argument */
    size_t arglen = (size_t)(argv[argc-1] + strlen(argv[argc-1]) + 1 - argv[0]);
    memset(argv[0], 0, arglen);                      /* wipe the secret */
    strncpy(argv[0], "secret-program", arglen - 1);  /* leave a cover name */
    sleep(100);                                      /* stay alive so ps can be checked */
    return 0;
}

Testing:

$ ./a.out mySuperPassword & 
$ ps -f
UID        PID  PPID  C STIME TTY          TIME CMD
me       20398 18872  0 11:26 pts/3    00:00:00 bash
me       20633 20398  0 11:34 pts/3    00:00:00 secret-program
me       20645 20398  0 11:34 pts/3    00:00:00 ps -f
$

UPD: I know, it is not completely secure and may cause race conditions, but many programs that accept a password from the command line do this trick.

How about using a file descriptor approach:

env -i bash --norc   # clean up environment
set +o history
read -s -p "Enter your password: " passwd
exec 3<<<"$passwd"
mycommand <&3  # cat /dev/stdin in mycommand

See:

Hiding secret from command line parameter on Unix
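The two answers above (the `3<<< "b@dP2ssword"` suggestion and the `exec 3<<<"$passwd"` / `mycommand <&3` variant) both rest on the same claim: what lands on a file descriptor never reaches argv, so ps cannot show it. The following script is an added example, not code from either answer or from the original poster; it runs the same program twice, once with the secret in argv and once with it on fd 3, and reads /proc/PID/cmdline (what ps reads on Linux, with `ps -o args=` as a fallback) while the child is alive. A `sh -c` one-liner stands in for the called program; the names `consumer` and `some-parameter` and the secret value are constructed for the demo.

```bash
#!/usr/bin/env bash
# Added example (not code from either answer above): shows what ps sees when a
# secret is passed in argv versus on a dedicated fd, as the answers recommend.
# `sh -c` stands in for the called program; "consumer", "some-parameter" and
# the secret value are constructed for the demo.
set -euo pipefail

# Start `sh -c SNIPPET ARGS...` in the background, inheriting whatever fds the
# caller attached to this function call, print its argv while it runs, then
# stop it. Its stdout goes to /dev/null so no child keeps our command
# substitution pipe open after the kill.
running_cmdline() {
    local snippet=$1 pid
    shift
    sh -c "$snippet" "$@" >/dev/null &
    pid=$!
    sleep 0.5                               # let the child exec sh
    if [[ -r /proc/$pid/cmdline ]]; then
        tr '\0' ' ' < "/proc/$pid/cmdline"  # what ps reads on Linux
    else
        ps -o args= -p "$pid"               # portable fallback
    fi
    kill "$pid" 2>/dev/null || true
    wait "$pid" 2>/dev/null || true
}

# Secret in argv: returns 0 if it is readable from the process list.
argv_exposes_secret() {
    local args
    # the trailing ':' stops sh from exec'ing sleep in place, which would
    # replace the argv we want to inspect
    args=$(running_cmdline 'sleep 3; :' consumer "$1")
    [[ $args == *"$1"* ]]
}

# Secret on fd 3 (the 3<<< idiom from the answers): the consumer reads it with
# `read <&3`; argv carries only the program name and an ordinary parameter.
fd_exposes_secret() {
    local args
    args=$(running_cmdline 'IFS= read -r s <&3; sleep 3; :' consumer some-parameter 3<<< "$1")
    [[ $args == *"$1"* ]]
}

if [[ ${BASH_SOURCE[0]} == "$0" ]]; then
    secret='b@dP2ssword'   # constructed throwaway value
    if argv_exposes_secret "$secret"; then
        echo "argv: secret visible in the process list"
    fi
    if ! fd_exposes_secret "$secret"; then
        echo "fd 3: secret not in the process list"
    fi
fi
```

Run it with bash; running `ps -f` in another terminal while the script sleeps shows the same two command lines. Note that the fd 3 variant only moves the secret out of argv: the here-string is backed by a pipe or temporary file that /proc/PID/fd/3 still points at, readable by the same user, which is the "security of the script that contains the password redirection" caveat from the first answer.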

The only way to escape from being shown in the process list is if you reimplement the entire functionality of the program you want to call in pure Bash functions. Function calls are not separate processes. Usually this is not feasible, though.
