How can you hide passwords in command line arguments for a process in linux

0

There is quite a common issue in the Unix world: when you start a process with parameters, one of them being sensitive, other users can read it just by executing ps -ef (for example, mysql -u root -p secret_pw).

The most frequent recommendation I found was simply not to do that: never run processes with sensitive parameters, and instead pass this information another way.

However, I found that some processes have the ability to change the parameter line after they have processed the parameters, looking, for example, like this in the process list:

xfreerdp -decorations /w:1903 /h:1119 /kbd:0x00000409 /d:HCG /u:petr.bena /parent-window:54526138 /bpp:24 /audio-mode: /drive:media /media /network:lan /rfx /cert-ignore /clipboard /port:3389 /v:cz-bw47.hcg.homecredit.net /p:********

Note the /p:*********** parameter, where the password was removed somehow.

How can I do that? Is it possible for a process in Linux to alter the argument list it received? I assume that simply overwriting the char **args I get in the main() function wouldn't do the trick. I suppose that maybe changing some files in the /proc pseudofs might work?

linux
security
asked on Stack Overflow Mar 2, 2016 by Petr

1 Answer

0

"Hiding" like this does not work. At the end of the day, there is a time window where your password is perfectly visible, so this is a total non-starter, even if it is not completely useless.

The way to go is to pass the password in an environment variable.
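
The in-place overwrite the question asks about, as an added example that is not part of the original question or answer: on Linux, /proc/<pid>/cmdline (which ps reads) reflects the process's own argv memory, so masking the string in place changes what other users see, but only after the time window the answer describes. The function names take_and_mask and show_cmdline and the /p: prefix handling are illustrative assumptions, not xfreerdp's code.

```c
/* Added example (not from the original post): in-place argv masking on Linux. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* If arg starts with prefix, copy the rest to the heap and overwrite it with
 * '*' without changing its length (argv strings sit back to back in memory,
 * so writing past the end would corrupt the next one). NULL if no match. */
char *take_and_mask(char *arg, const char *prefix)
{
    size_t plen = strlen(prefix);
    if (strncmp(arg, prefix, plen) != 0)
        return NULL;
    size_t slen = strlen(arg + plen);
    char *secret = malloc(slen + 1);
    if (secret == NULL)
        return NULL;
    memcpy(secret, arg + plen, slen + 1);
    memset(arg + plen, '*', slen);
    return secret;
}

/* Print this process's argument list as ps would read it from /proc. */
static void show_cmdline(const char *label)
{
    char buf[4096];
    FILE *f = fopen("/proc/self/cmdline", "r");
    if (f == NULL)
        return;
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    fclose(f);
    for (size_t i = 0; i + 1 < n; i++)   /* arguments are NUL-separated */
        if (buf[i] == '\0')
            buf[i] = ' ';
    buf[n] = '\0';
    printf("%s: %s\n", label, buf);
}

int main(int argc, char **argv)
{
    char *secret = NULL;
    show_cmdline("before");              /* password still readable here */
    for (int i = 1; i < argc && secret == NULL; i++)
        secret = take_and_mask(argv[i], "/p:");
    show_cmdline("after");               /* now shows /p:******** */
    /* ... use secret here; wipe it before free() in real code ... */
    free(secret);
    return 0;
}
```

Run as ./a.out /u:someone /p:secret_pw to compare the "before" and "after" lines; any reader of /proc/<pid>/cmdline that samples between exec and the overwrite still gets the clear-text value.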


User contributions licensed under CC BY-SA 3.0