| Subject | Re: [firebird-support] Re: isql client and passwords |
|---|---|
| Author | Jacqui Caren |
| Post date | 2004-08-16T07:28:10Z |
rcrfb wrote:
you will only see env for your processes - other such as
"A=1 B=2 sleep 30" will not show up.
securing/upgrading your system this is an old fixed security
hole.
Also consider using ISC_...=user ISC_...=pass isql ....
so that you do not have to keep set and clear the env of
the forking shell.
Jacqui
> But remember:Only if you are "root". If you do not have approriate privs
> on Linux, with the command 'ps -e e' the environment of each process
> will be displayed.
you will only see env for your processes - other such as
"A=1 B=2 sleep 30" will not show up.
> So it is possible for another user on the same hostIf individual users have this ability then I suggest you consider
> to 'read' these environment variables while the 'isql' command is running
> (or another process is running in the shell where the environment
> variables have been specified).
securing/upgrading your system this is an old fixed security
hole.
Also consider using ISC_...=user ISC_...=pass isql ....
so that you do not have to keep set and clear the env of
the forking shell.
Jacqui