Posted by Rainer Weikusat on 05/01/07 17:04

"David T. Ashley" <dta@e3ft.com> writes:

[...]

> Because the FOB key is one of the parameters that must be used with the
> shared library, it must also be passed from PHP to the compiled C program.
> Because the FOB key is so sensitive, the question is how to pass it from PHP
> to the compiled program securely.
>
> Passing the information on the command line is clearly not secure, because
> program names and command-line parameters are world-visible on a Unix
> system.
>
> However, I was thinking that I could use the PHP proc_open() function:
>
> http://us.php.net/manual/en/function.proc-open.php
>
> to pass the information to the compiled C program's stdin and get
> information back from stdout securely (without others being able to
> eavesdrop).

You could try something simple, like writing the key to a file only
readable by someone with the 'correct' UID and pass the name of the
file to the program via commandline argument.

• Next in forum: Trouble with SoapVar or is it xsi:Type?
• Prev in forum: Re: Security of Unix Pipes (with Application Details)
• Thread view: Re: Security of Unix Pipes (with Application Details)

[Reply to this message]