Linux 命令行参数的Shell脚本密码安全
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/6607675/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Shell script password security of command-line parameters
提问by David Parks
If I use a password as a command-line parameter it's public on the system using ps.
如果我使用密码作为命令行参数,它在使用ps.
But if I'm in a bash shell script and I do something like:
但是,如果我在 bash shell 脚本中并且执行以下操作:
...
{ somecommand -p mypassword }
...
is this still going to show up in the process list? Or is this safe?
这仍然会出现在进程列表中吗?或者这样安全吗?
- How about sub-processes: (...)? Unsafe right?
- coprocess?
- 子流程怎么样:(...)?不安全吧?
- 协程?
采纳答案by sehe
Command lines will always be visible (if only through /proc).
命令行将始终可见(如果只能通过 /proc)。
So the only real solution is: don't. You might supply it on stdin, or a dedicated fd:
所以唯一真正的解决办法是:不要。您可以在 stdin 或专用 fd 上提供它:
./my_secured_process some parameters 3<<< "b@dP2ssword"
with a script like (simplicity first)
使用类似的脚本(简单至上)
#!/bin/bash
cat 0<&3
(this sample would just dump a bad password to stdout)
(此示例只会将错误的密码转储到标准输出)
Now all you need to be concerned with is:
现在你需要关心的是:
- MITM (spoofed scripts that eaves drop the password, e.g. by subverting PATH)
- bash history retaining your password in the commandline (look at HISTIGNOREfor bash, e.g.)
- the security of the script that contains the password redirection
- security of the tty's used; keyloggers; ... as you can see, we have now descended into 'general security principles'
- MITM(窃取密码的欺骗脚本,例如通过破坏 PATH)
- bash 历史记录在命令行中保留您的密码(例如,查看 bash 的HISTIGNORE)
- 包含密码重定向的脚本的安全性
- 使用的 tty 的安全性;键盘记录器;...如您所见,我们现在已进入“一般安全原则”
回答by Kilian Foth
The only way to escape from being shown in the the process list is if you reimplement the entire functionality of the program you want to call in pure Bash functions. Function calls are not seperate processes. Usually this is not feasible, though.
避免在进程列表中显示的唯一方法是重新实现要在纯 Bash 函数中调用的程序的全部功能。函数调用不是单独的进程。但是,通常这是不可行的。
回答by grep
The called program can change its command line by simply overwriting argvlike this:
被调用的程序可以通过简单地argv像这样覆盖来改变它的命令行:
#include <stdlib.h>
#include <string.h>
int main(int argc, char** argv) {
int arglen = argv[argc-1]+strlen(argv[argc-1])+1 - argv[0];
memset(argv[0], arglen, 0);
strncpy(argv[0], "secret-program", arglen-1);
sleep(100);
}
Testing:
测试:
$ ./a.out mySuperPassword &
$ ps -f
UID PID PPID C STIME TTY TIME CMD
me 20398 18872 0 11:26 pts/3 00:00:00 bash
me 20633 20398 0 11:34 pts/3 00:00:00 secret-program
me 20645 20398 0 11:34 pts/3 00:00:00 ps -f
$
UPD: I know, it is not completely secure and may cause race conditions, but many programs that accept password from command line do this trick.
UPD:我知道,它不是完全安全的,可能会导致竞争条件,但是许多从命令行接受密码的程序都会这样做。
回答by puja
How about using a file descriptor approach:
如何使用文件描述符方法:
env -i bash --norc # clean up environment
set +o history
read -s -p "Enter your password: " passwd
exec 3<<<"$passwd"
mycommand <&3 # cat /dev/stdin in mycommand
See:
看:
