Start process, hide arguments from ps

Question

Start process, hide arguments from ps

I have a Python script that interacts with the API. The script is launched from the PHP page. I wrote both scripts, so I can change the code anyway.

Python script requires username and password to interact with the API. My first wish is to pass them to Python as CLI arguments:

<?php
exec('python someScript.py AzureDiamond hunter2');
?>

However, everyone can see the credentials through ps:

$ ps | grep someScript
1000     23295  2.0  0.2 116852  9252 pts/0    S+   15:47   0:00 python someScript.py AzureDiamond hunter2

The alternatives I am considering is writing the data to a text file or sqlite database and then deleting it. Are there any better ideas? The limitation with the sqlite approach is that this needs to be done in a fairly portable way (phpFox plugin), and most budget web hosts do not support the module sqlite3.

+5

python security php

dotancohen Jan 25 '13 at 13:58

4

- , . MyProxy - . MyProxy , , - , .

http://grid.ncsa.illinois.edu/myproxy/

+1

Bmayer0122 26 . '13 5:07

stdin python , , php:

<?php
$handle = popen("/bin/python /var/www/someScript.py", "w");
// write username and password to $handle (e.g. newline separated)
?>

, , ( /proc/nn/fd/ 0?), , , , .

+1

Michael 26 . '13 13:43

Looking at the problem from a different angle, you can solve it by hiding the simple characters passed to exec (). Do you consider using any cryptographic library to hide plaintext from the sender and decrypt it in the receiver? Just a thought.

0

code82 Jan 25 '13 at 14:03

source share

Bernhard · Accepted Answer · 2013-01-25T14:00:58+0000

, PHP, Python script.

Start process, hide arguments from ps

More articles: