
Hiding command line arguments for C program in Linux

How can I hide the command line arguments of a C program running in Linux so that other users cannot see them via "w", "ps auxwww" or similar commands?

It's actually rather difficult (I'll stop short of saying impossible since there may be a way I'm not aware of) to do this, especially if a user has access to the /proc file system for your process.

Perhaps the best way to prevent people from seeing your command line arguments is to not use command line arguments :-)

You could stash your arguments in a suitably protected file called (for example) myargs.txt then run your program with:

myprog @myargs.txt

Of course, you'll have to modify myprog to handle the "arguments in a file" scenario.

Alternatively, you could set the arguments into environment variables and have your program use getenv.

However, I'm not aware of any method that can protect you from a suitably-empowered process (such as one run by root).

Modify the content of argv in your program:

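#include <stdio.h>
#include <string.h>
#include <time.h>

/* Busy-wait until clock() has advanced by msecs worth of ticks. */
void delay (long int msecs)
{
        clock_t delay = msecs * CLOCKS_PER_SEC / 1000;
        clock_t start = clock();
        while (clock() - start < delay);
}

int main (int argc, char **argv)
{
    if (argc == 2) 
    {
        printf ("%s\n", argv[1]);
        delay (6000);

        /* Overwrite the argument in place; never write past its own length. */
        const char mask[] = "x.x";
        size_t len = strlen (argv[1]);
        for (size_t i = 0; i < len && i < 3; i++)
            argv[1][i] = mask[i];

        printf ("%s\n", argv[1]);
        delay (5000);
        printf ("done\n");
    }
    else printf ("argc != 2: %d\n", argc);
    return 0;
}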

Invocation:

./argumentClear foo  
foo
x.x
done

Result, viewed by ps:

asux:~ > ps auxwww | grep argu
stefan   13439 75.5  0.0   1620   352 pts/5    R+   17:15   0:01 ./argumentClear foo
stefan   13443  0.0  0.0   3332   796 pts/3    S+   17:15   0:00 grep argu
asux:~ > ps auxwww | grep argu
stefan   13439 69.6  0.0   1620   352 pts/5    R+   17:15   0:02 ./argumentClear x.x
stefan   13446  0.0  0.0   3332   796 pts/3    S+   17:15   0:00 grep argu

Remark: My delay-function doesn't work as expected. Instead of 11 seconds, the program runs in about 2-3. I'm not the big C-programmer. :) The delay-function needs improvement here.

To hide the arguments from the ps command, you could use the hack I always use: sprintf(argv[0], "My super long argument list                                        "); Be sure to use spaces of about 3 lines using the space bar, otherwise the compiler will throw an error! Keep in mind to change argv[0] after parsing the command line!

59982 pts/1    SLl+   0:00 My super long argument list

strings /proc/59982/cmdline
My super long argument list

It's a hack, but an intruder will issue a "ps axw" first.

Always monitor mission-critical servers and check the logged-in users!!!

As far as I know, that information is stored in kernel space. Short of writing a kernel module, you will not be able to hide this information because any program can query the proc filesystem to see the command line arguments (this is what ps does).

As an alternative, you can read in your command line args on stdin then populate an array to pass to the command line argument handler. Or, better yet, add support for your program to read a configuration file that contains the same command line argument information and set the permissions so that only the owner can read the file.

I hope this helps.
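The "arguments in a file" approach suggested in the answers above (myprog @myargs.txt, with the file readable only by its owner), as an added example that is not part of any answer. The function name load_secret and its return codes are hypothetical choices made here, and the checks assume a POSIX system.

```c
#define _POSIX_C_SOURCE 200809L  /* for O_NOFOLLOW, O_CLOEXEC */
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Read the first line of `path` into buf (newline stripped).
 * Returns 0 on success, -1 on open/read error (including a symlink),
 * -2 if it is not a regular file owned by the effective user,
 * -3 if group or others have any permission bit set. */
int load_secret(const char *path, char *buf, size_t buflen)
{
    if (buflen == 0) return -1;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;

    struct stat st;
    int rc = 0;
    /* Check the opened descriptor, not the path, to avoid a swap race. */
    if (fstat(fd, &st) != 0) rc = -1;
    else if (!S_ISREG(st.st_mode) || st.st_uid != geteuid()) rc = -2;
    else if (st.st_mode & (S_IRWXG | S_IRWXO)) rc = -3;

    if (rc == 0) {
        ssize_t n = read(fd, buf, buflen - 1);
        if (n < 0) rc = -1;
        else {
            buf[n] = '\0';
            buf[strcspn(buf, "\r\n")] = '\0';
        }
    }
    close(fd);
    return rc;
}

int main(int argc, char **argv)
{
    char secret[256];
    /* Only the file name shows up in ps, never the secret itself. */
    if (argc != 2 || argv[1][0] != '@') {
        fprintf(stderr, "usage: myprog @file\n");
        return 2;
    }
    int rc = load_secret(argv[1] + 1, secret, sizeof secret);
    if (rc != 0) { fprintf(stderr, "refusing file (code %d)\n", rc); return 1; }
    printf("loaded %zu-byte secret\n", strlen(secret));
    return 0;
}
```

Create the file with chmod 600 before use; as the first answer notes, this does not protect against root.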
