Re: Password Visibility - did I miss something?
1997-01-23 09:32:30
Subject: |
Re: Password Visibility - did I miss something? |
From: |
Tim Dobrowolsky <tim AT CATRS.CAT.CC.MD DOT US> |
Date: |
Thu, 23 Jan 1997 09:32:30 -0500 |
At 03:51 AM 1/23/97 +0100, you wrote:
>im Dobrowolsky wrote:
>
>> So when I got adsm installed on my AIX box I checked the ps listing and
>> saw that dsmc had -password= but no password visible. Therefore I
>> assumed that the obvious security problem of passwords on the command
>> line was taken care of.
>
>ps augxwww (on AIX) will give you the whole command line, including the
>password.
>
>If you don't see the password when ou type ps, this is because the
>default behaviour of ps is the SystemV one, which limits the number of
>characters shown in the command line. ps augxwww will act as a BSD ps,
>and will show you the whole commande line.
>
Here's what I got from ps augxwww: (just thought you'd want to see)
root 21586 0.0 1.0 1288 648 - A Jan 17 0:00 /usr/lpp/adsm/bin/
dsmc schedule -password=
>>From a security point of view, you should never use the -password
>option. You should use a "generated" password instead. See the
>documentation about this point.
>
I believe what you are saying and will switch to "generate" ASAP.
>
>Alain
>
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
> Tim Dobrowolsky > < yksloworboD miT <
> Computer Services > < secivreS retupmoC <
> Catonsville Community College > < egelloC ytinummoC ellivsnotaC <
> tim AT catrs.cat.cc.md DOT us > < su.dm.cc.tac.srtac@mit <
> 410-455-4562 > < 2654-554-014 <
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
|
|
|