[1085] in linux-net channel archive
Re: Rewrite DIP-337n-inaky to handle script file encryption
daemon@ATHENA.MIT.EDU (Benzoate)
Sun Sep 10 09:03:58 1995
Date: Sat, 9 Sep 1995 16:20:34 -0400 (EDT)
From: Benzoate <donald@vt.edu>
To: Alec Muffett <Alec.Muffett@UK.Sun.COM>
cc: raju@xgroup.ernet.in, scrain@goddard.shore.net, linux-net@vger.rutgers.edu,
linux-apps@vger.rutgers.edu
In-Reply-To: <199509071310.OAA04136@coyote.UK.Sun.COM>
On Thu, 7 Sep 1995, Alec Muffett wrote:
>
> >> - Passing the password as an environment variable will work OK for
> >> running DIP through an unattended shell script (give the password once
> >> at startup).
>
> Bad idea: "ps -auxwwe"
> ^--- dump env variables option
>
> Passwords should *only* be transmitted between processes through file
> I/O operations (read/write) - and one should take cate that they don't
> hang around in memory buffers in case a core dump is taken, and the
> secret leaks out that way.
>
> >>Can an equally easy method of handling it through cron
> >> jobs be devised?
>
> Not really - it's not recommended.
>
I just came in on this conversation so I may be totally off base
here, but if your just trying to get a slip link to stay up 24/7 that
shouldn't be any problem, I'm not sure what all this passing the password
crap is about but...I am able to keep my slip connection up 24/7 without
jumpping through all those hoops. I just use the standard dip script and
a script that I created (all 3 lines of it) that is called from cron, it
checks for the modem lock file, if it's not there it simply runs the dip
script again. If this helps, cool, if not, sorry.
