On Wed, 29 Jun 2016 09:37:05 -0400, Ken Hornstein said: > >I get it. Kerberos uses file permissions to protect the live token > >(the /tmp/krb5_* file). I just want to make sure we are not letting > >things like that slip through, where people are not aware that, e.g., > >environment variables or process arguments aren't secure. > > I hear you. Clearly from a security standpoint passing the bearer token > via a process argument isn't a good idea. Like I said, I'm willing to > fix this if my solution is acceptable to everyone.
The usual way to do this is to open a file on /tmp, unlink it, scribble the bits into the file, and pass the still-open file descriptor to the child process and pass just a '-fd 5' or whatever to tell the child which descriptor to read from....
pgp5HajO1V7xn.pgp
Description: PGP signature
_______________________________________________ Nmh-workers mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/nmh-workers
