On Thu, 21 Feb 2002 22:30:54 +0100, Vincent Arkesteijn <[EMAIL PROTECTED]> said:
> Why? Just put the password in the program, and give your users
> execute permission, but no read permission on the program. It
> may not be too elegant, and it's a bit clumsy when you want to
> change the password, but it's the simplest solution.
Still vulnerable to attack via gdb/dbx or ptrace(), but that's a
question of whether your threat model includes somebody both that
determined and skilled...
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
msg08102/pgp00000.pgp
Description: PGP signature
