On Wed, 10 Nov 1999, Alexander Leidinger wrote:
> On 11 Nov, Daniel C. Sobral wrote:
> >> >> (102) netchild@ttyp2 > grep cat /etc/rc.conf.local
> >> >> spppconfig_isp0="`cat /etc/isdn/connect.parameters`"
> > ^^^
> > Calling programs from any of the rc.conf files is considered evil
> > and it's looked down on.
>
> Itīs there to hide login/passwd information for i4b.
But it seems like the end up as arguments to ifconfig at a later date,
where a user can pull them out of ps, /proc, etc. The window there is
clearly shorter than keeping it in /etc/rc.conf, but still not "secure"
per se. The same goes for the use of environmental variables, which can
also be listed using ps. Probably spppconfig should accept a filename
with the contents as an argument, or the information via a pipe.
Robert N M Watson
[EMAIL PROTECTED] http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
