The environment variables of a process when it was started are available
via /proc/<pid>/environ file. So while other users on that system can't see
the environ, every other process running as your target user could.
Worse, however, your "echo" process puts the password in arguments, and any
local user can see program name and args for all running processes. That's
a no-no.
On Sat, Mar 12, 2022 at 2:14 PM Dan Stromberg via rsync <
rsync@lists.samba.org> wrote:
>
> On Sat, Mar 12, 2022 at 12:23 PM Dr. Mark Asbach via rsync <
> rsync@lists.samba.org> wrote:
>
>> Hi there, hi past me,
>>
>> > My (non-working) attempt:
>> > […]
>> > So it seems the "-l" is dropped into the void letting ssh assume USER
>> was the target host? I don’t actually get what I can do.
>>
>> Turns out, I have to write down the description of my issue and then send
>> the email before I magically understand the solution ;-)
>>
>> Here’s a working example that does not need a wrapper script:
>>
>> PASSWORD=<SUDOPASS> rsync -vv --delete-after --delay-updates '/bin/sh -c
>> "{ echo $PASSWORD; cat - ; } | ssh -i ~/.ssh/id.key $0 $* &"'
>> --rsync-path='sudo -S rsync‘ ./SRCDIR USER@HOST:DSTDIR
>>
>> The trick was actually to add "$0" because $* will drop the first
>> argument from the list as this typically is the name of the script itself
>> (duh!).
>>
>> Hope this is of help to anyone,
>>
>
> Cool, glad you found a solution you're happy with.
>
> Bear in mind, putting a password in an environment variable can be seen by
> other users on the same system with "ps auxwwe".
>
> --
> Please use reply-all for most replies to avoid omitting the mailing list.
> To unsubscribe or change options:
> https://lists.samba.org/mailman/listinfo/rsync
> Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
>
--
Bri Hatch
"Quite mad, they say. It is good that Zathras does not mind. He's even grown
to like it. Oh yes."
--
Please use reply-all for most replies to avoid omitting the mailing list.
To unsubscribe or change options: https://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.catb.org/~esr/faqs/smart-questions.html
