If you memset the argv area, it changes the parameters displayed by ps,
at least. I don't know if that information is available anywhere else.
In any case, it isn't really a great solution. There is still a window
of availability, and it isn't exactly hard to exploit if duplicity is
invoked from cron at a known time.
Evan
Kenneth Loafman wrote:
address@hidden wrote:
But what about the others? .. ede
All of the protocols except S3 should take the password from the
environment variable FTP_PASSWORD, however, if the user specifies it in
the URL, I don't know a way to obscure it from ps and friends.
...Ken
------------------------------------------------------------------------
_______________________________________________
Duplicity-talk mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/duplicity-talk
_______________________________________________
Duplicity-talk mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/duplicity-talk