RFC: KCmdLineArgs::obfuscateOption()
Waldo Bastian
bastian at kde.org
Mon Oct 4 20:23:50 BST 2004
I guess we could move kinit/setproctitle.cpp to kcmdlineargs.
Cheers,
Waldo
On Monday 04 October 2004 21:04, Jarosław Staniek wrote:
> The proposal:
> An enhancement for security in KDE apps: sometimes it's needed to obfuscate
> CL option value (replacing with "x" string), when it contain a password, to
> hide it from stealing using 'ps' command.
>
> static void KCmdLineArgs::obfuscateOption(const char*)
>
> would be usable to do that without playing with int argc, char **argv.
>
> I've done this as follows (for password" option),
> but it could be easier with KCmdLineArgs:
>
> for (int i=1; i<(argc-1); i++) {
> if (qstrcmp("--password",argv[i])==0
>
> || qstrcmp("-password",argv[i])==0)
>
> {
> QCString pwd(argv[i+1]);
> if (!pwd.isEmpty()) {
> pwd.fill(' ');
> pwd[0]='x';
> qstrcpy(argv[i+1], (const char*)pwd);
> }
> break;
> }
> }
--
bastian at kde.org | Wanted: Talented KDE developer | bastian at suse.com
http://www.suse.de/de/company/suse/jobs/suse_pbu/developer_kde.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.kde.org/pipermail/kde-core-devel/attachments/20041004/167dd4f1/attachment.sig>
More information about the kde-core-devel
mailing list