General Solution to spawning a Unix process whose arguments cannotbe seen by other processes ...

[Xeno Campanoli]

I know root can get into anything and hack out this information, but given the
presumption that nobody could get root on my system:

1. How would I generally spawn processes to the shell whose arguments would not
be easily visible to others on the server (I am already going https over the
net, so that is at least minimally covered)...?
2. Is the subversion gem a good way to do this specifically for subversion?
3. Is there some other paradigm or perspective which would perhaps lead me to a
better way all around of doing what I seem to want, which is to make a rhtml GUI
that allows password access to certain secure commands?

Note among other things that I am doing load-each-time CGI with everything, no
mod_ruby, so there's nothing going to lie around in memory forever, and at the
same time $Save=0 is not an option. Also, this is an internal project, so it is
NOT first-tier security from direct public access.

xc

 

[ara.t.howard]

I know root can get into anything and hack out this information, but
given the presumption that nobody could get root on my system:

1. How would I generally spawn processes to the shell whose
arguments would not be easily visible to others on the server (I am
already going https over the net, so that is at least minimally
covered)...?
2. Is the subversion gem a good way to do this specifically for
subversion?
3. Is there some other paradigm or perspective which would perhaps
lead me to a better way all around of doing what I seem to want,
which is to make a rhtml GUI that allows password access to certain
secure commands?

Note among other things that I am doing load-each-time CGI with
everything, no mod_ruby, so there's nothing going to lie around in
memory forever, and at the same time $Save=0 is not an option.
Also, this is an internal project, so it is NOT first-tier security
from direct public access.

xc

--
Those unfortunate enough to lean more to contrary than truth,
as they age, find themselves struggling gleefully in a deluded cloud,
only to waken too late mutilated in an iron maiden of their own
reality.

send the commands on stdin to the program.

IO.popen 'cmd', 'r+' do |pipe|
pipe.write commands
end

you can't with all programs but if you are in control of them you sure
can.


a @ http://codeforpeople.com/

 

[Heesob Park]

I know root can get into anything and hack out this information, but given
the presumption that nobody could get root on my system:

1. How would I generally spawn processes to the shell whose arguments
would not be easily visible to others on the server (I am already going
https over the net, so that is at least minimally covered)...?

On Linux, you can hide command line argument by setting $0 to
something else in the
spawned process.

Regards,
Park Heesob