如何隐藏在 Linux 中运行的 C 程序的命令行参数,以便其他用户无法通过“w”、“ps auxwww”或类似命令看到它们?
It's actually rather difficult (I'll stop short of saying impossible since there may be a way I'm not aware of) to do this, especially if a user has access to the /proc
file system for your process.
Perhaps the best way to prevent people from seeing your command line arguments is to not use command line arguments :-)
You could stash your arguments in a suitably protected file called (for example) myargs.txt
then run your program with:
myprog @myargs.txt
Of course, you'll have to modify myprog
to handle the "arguments in a file" scenario.
Alternatively, you could set the arguments into environment variables and have your program use getenv
.
However, I'm not aware of any method that can protect you from a suitable-empowered process (such as one run by root
).
Modify the content of argv in your program:
#include <stdio.h>
#include <time.h>
void delay (long int msecs)
{
clock_t delay = msecs * CLOCKS_PER_SEC / 1000;
clock_t start = clock();
while (clock() - start < delay);
}
void main (int argc, char **argv)
{
if (argc == 2)
{
printf ("%s\n", argv[1]);
delay (6000);
argv[1][0] = 'x';
argv[1][1] = '.';
argv[1][2] = 'x';
printf ("%s\n", argv[1]);
delay (5000);
printf ("done\n");
}
else printf ("argc != 1: %d\n", argc);
}
Invocation:
./argumentClear foo
foo
x.x
done
Result, viewn by ps:
asux:~ > ps auxwww | grep argu
stefan 13439 75.5 0.0 1620 352 pts/5 R+ 17:15 0:01 ./argumentClear foo
stefan 13443 0.0 0.0 3332 796 pts/3 S+ 17:15 0:00 grep argu
asux:~ > ps auxwww | grep argu
stefan 13439 69.6 0.0 1620 352 pts/5 R+ 17:15 0:02 ./argumentClear x.x
stefan 13446 0.0 0.0 3332 796 pts/3 S+ 17:15 0:00 grep argu
Remark: My delay-function doesn't work as expected. Instead of 11 seconds, the program runs in about 2-3. I'm not the big C-programmer. :) The delay-function needs improvement here.
To hide the arguments from the ps command, you could use the hack i always use: sprintf(argv[0], "My super long argument list
");
Be sure to use spaces of about 3 lines using the space bar, otherwise the compiler will trow an error ! Keep in mind to change argv[0] after parsing the command line !
59982 pts/1 SLl+ 0:00 My super long argument list strings /proc/59982/cmdline My super long argument list
It's a hack, but an intruder will issue a "ps axw" first.
Always monitor mission critical server and check the logged in users !!!
As far as I know, that information is stored in kernel space. Short of writing a kernel module, you will not be able to hide this information because any program can query the proc filesystem to see the command line arguments (this is what ps does).
As an alternative, you can read in your command line args on stdin then populate an array to pass to the command line argument handler. Or, better yet, add support for your program to read a configuration file that contains the same command line argument information and set the permissions so that only the owner can read the file.
I hope this helps.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.