Reply to Re: Security of Unix Pipes (with Application Details) — PHP Programming Language

Posted by Rainer Weikusat on 05/01/07 17:04

"David T. Ashley" <dta@e3ft.com> writes:

[...]

> Because the FOB key is one of the parameters that must be used with the
> shared library, it must also be passed from PHP to the compiled C program.
> Because the FOB key is so sensitive, the question is how to pass it from PHP
> to the compiled program securely.
>
> Passing the information on the command line is clearly not secure, because
> program names and command-line parameters are world-visible on a Unix
> system.
>
> However, I was thinking that I could use the PHP proc_open() function:
>
> http://us.php.net/manual/en/function.proc-open.php
>
> to pass the information to the compiled C program's stdin and get
> information back from stdout securely (without others being able to
> eavesdrop).

You could try something simple, like writing the key to a file only
readable by someone with the 'correct' UID and pass the name of the
file to the program via commandline argument.

[Back to original message]

Удаленная работа для программистов • Как заработать на Google AdSense • England, UK • статьи на английском • PHP MySQL CMS Apache Oscommerce • Online Business Knowledge Base • DVD MP3 AVI MP4 players codecs conversion help

Home • Search • Site Map • Set as Homepage • Add to Favourites

Сайт изготовлен в Студии Валентина Петручека —
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация