Unix Process Status Table

Status
Not open for further replies.

pmcmicha

Technical User
May 25, 2000
353
Is there some way in which I can prevent a command from showing up in the unix process status table? I have several automated scripts which run that contain a database UID and database PSWD. The PSWD is encrypted, but this doesn't help much when I run the command to connect to the database as the password is in plain view.

Thanks in advance.
 
Which database?
Perhaps you may indirect the way:

Oracle:
sqlplus silly/user @loginscript

loginscript.sql:
connect admin/secret
@usefullstuff

or Postgres:
psql -f loginscript.sql database

loginscript.sql:
\c admin/secret
\i usefullstuff.sql


There are ways to hide processes from the pstab - as I read, but I don't know how.



seeking a job as java-programmer in Berlin:
 
use >&- to close standard output

E.g.

ls >&-

Same thing applies to input

wc <&-

Mike

"A foolproof method for sculpting an elephant: first, get a huge block of marble, then you chip away everything that doesn't look like an elephant."
 
The database is db2 and I am trying to hide the connection information through shell scripts. I am already redirecting STDOUT to /dev/null. I have tried to use the following:

db2 "connect to TESTDB user ${DBUID}" <<-EOC
${DBPSWD}
EOC

This doesn't work. DB2 doesn't recognize the <<. I have also tried using this:

exec 3<> /dev/tcp/${IP}/${PORT}

This doesn't work either, the connection is not being made due to security settings. (I cannot alter these.)

I would even take a way to truncate what is being displayed from the 'ps -ef' command.
 
yes -
after starting, a well-written program no longer
needs **argv, so a way is to save the values and
overwrite this array.
no -
sys5r4's ps no longer consults the kernel but scans
the /proc directory; I can read these dirs but have never
tried to write (root perms mostly required).

see example in

mirror.honeynet.org.br/scans/scan25/writeup.html

...

The worm copies the string "httpd " over argv[0] and erases argv[1] in order to hide this extra information available on the command line. (full pathname and argument)

This is available at lines 78 and 1803--1805:

78 #define PSNAME "httpd "

1803 for(a=0;argv[0][a]!=0;a++) argv[0][a]=0;
1804 for(a=0;argv[1][a]!=0;a++) argv[1][a]=0;
1805 strcpy(argv[0],PSNAME);
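
The "save the values and overwrite this array" idea from the reply above, applied only to a password argument so it stops appearing in the process listing; this is an added example, not code from the thread or from the write-up it quotes. The function names and the `user password` argument layout are assumptions, the scrub only helps where ps reads the live argument memory (Linux `/proc/<pid>/cmdline` does), and the password remains visible between exec and the scrub.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Copy the secret held in argv[idx] to private heap memory, then zero the
 * original bytes in place so the argument area no longer contains it.
 * Returns the private copy (release it with drop_secret), or NULL on error. */
char *take_secret_arg(int argc, char **argv, int idx)
{
    if (idx <= 0 || idx >= argc || argv[idx] == NULL)
        return NULL;                 /* never touch argv[0]; bounds-check idx */
    size_t len = strlen(argv[idx]);
    char *copy = malloc(len + 1);
    if (copy == NULL)
        return NULL;
    memcpy(copy, argv[idx], len + 1);

    /* Overwrite only the bytes that belong to this argument. The volatile
     * pointer keeps the compiler from dropping the stores as dead writes. */
    volatile char *p = argv[idx];
    for (size_t i = 0; i < len; i++)
        p[i] = '\0';
    return copy;
}

/* Wipe and release the private copy once the connection is made. */
void drop_secret(char *secret)
{
    if (secret == NULL) return;
    volatile char *p = secret;
    while (*p) *p++ = '\0';
    free(secret);
}

int main(int argc, char **argv)
{
    /* Hypothetical usage: ./connect <dbuser> <dbpassword> */
    if (argc != 3) {
        fprintf(stderr, "usage: %s user password\n", argv[0]);
        return 2;
    }
    char *pw = take_secret_arg(argc, argv, 2);
    if (pw == NULL) return 1;
    printf("user=%s, password length=%zu, argv[2] now \"%s\"\n",
           argv[1], strlen(pw), argv[2]);
    /* ... connect to the database with argv[1] and pw here ... */
    drop_secret(pw);
    return 0;
}
```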
 