Running a executable in another process without creating a new process

2
votes

I want a write a program that run an executable image without creating a new process... I want to do this because I want to use plink that send a password to a remote ssh server...

The plink program sends the password provided in command line .. If I use fork and exec functions someone can see the password provided in command line using process explorer or ps -aef or cat /proc//cmdline .. How to avoid this security hole..and this program has to be run on both linux and windows ..

6
c++cwindowslinux
I do hope this isn't another one of those 'I want to do x without doing x' questions...Matthew Scharley
He wants to Run a executable in another process without running a new process, so I think it might be :-)Chris Huang-Leaver

6 Answers

7
votes

Set up your SSH server to use RSA public/private key authentication instead of passwords. This is usually a better choice anyway for SSH in general. See http://www.google.com/search?q=set+up+ssh+rsa.

3
votes

Most programs which accept a password on the command line also accept it via a file, a pipe, or an environment variable. Why not use one of these other mechanisms?

0
votes

If your worry is that the password is visible, you may be better off encrypting the password. An encrypted password has little value to the observer, so you can use methods like exec() and fork()

0
votes

To avoid being prompted for a password or using a plain text password in places where it could be "sniffed" from, you should almost certainly set up public-key authentication (assuming you're bound to plink...).

Using pipes is also a good solution.

0
votes

I found a plink wrapper for unison that does what you need, mainly waiting for a password prompt on plink's STDOUT, then feeding it a response on STDIN.

Hope this works for you

-1
votes

well, why send the password in the beginning? use the password to encrypt some text+time stamp, and then send to authorize yourself?

and No, I don't know a way to call another program without creating a new process.