|
|
Posted by Chung Leong on 07/07/06 21:49
David T. Ashley wrote:
> Hi,
>
> I'm using RSA Securid Tokens, and I'm going to write a little 'C' program
> that takes as input the userid (i.e. "jsmith") and the number displayed on
> the token (i.e. "123456") and returns a result code indicating whether
> authentication is successful.
>
> The compiled 'C' program will be called from a PHP script.
>
> I know that if I pass the parameters on the command line, i.e.
>
> authenticator jsmith 123456
>
> the parameters are world-visible (via "ps -Af", for example) and this is an
> information leak.
>
> <BEGIN QUESTION>
> How can I pass things securely between the PHP script and the exec'd
> program?
> <END QUESTION>
>
> One way I suppose I could always use is to create a file from the PHP script
> and then just pass the filename to the program (assuming permissions and
> UID/GID were all set up correctly).
>
> But is there a more elegant way that doesn't create files, such as pipes or
> shared memory?
>
> Thanks, Dave.
popen() and pclose() is what you need I believe.
[Back to original message]
|