
Securing Data Between PHP Script and Exec'd Compiled 'C' Program

Hi,

I'm using RSA Securid Tokens, and I'm going to write a little 'C' program
that takes as input the userid (i.e. "jsmith") and the number displayed on
the token (i.e. "123456") and returns a result code indicating whether
authentication is successful.

The compiled 'C' program will be called from a PHP script.

I know that if I pass the parameters on the command line, i.e.

authenticator jsmith 123456

the parameters are world-visible (via "ps -Af", for example) and this is an
information leak.

<BEGIN QUESTION>
How can I pass things securely between the PHP script and the exec'd
program?
<END QUESTION>

One way I suppose I could always use is to create a file from the PHP script
and then just pass the filename to the program (assuming permissions and
UID/GID were all set up correctly).

But is there a more elegant way that doesn't create files, such as pipes or
shared memory?

Thanks, Dave.

Jul 7 '06 #1



David T. Ashley wrote:
Hi,

I'm using RSA Securid Tokens, and I'm going to write a little 'C' program
that takes as input the userid (i.e. "jsmith") and the number displayed on
the token (i.e. "123456") and returns a result code indicating whether
authentication is successful.

The compiled 'C' program will be called from a PHP script.

I know that if I pass the parameters on the command line, i.e.

authenticator jsmith 123456

the parameters are world-visible (via "ps -Af", for example) and this is an
information leak.

<BEGIN QUESTION>
How can I pass things securely between the PHP script and the exec'd
program?
<END QUESTION>

One way I suppose I could always use is to create a file from the PHP script
and then just pass the filename to the program (assuming permissions and
UID/GID were all set up correctly).

But is there a more elegant way that doesn't create files, such as pipes or
shared memory?

Thanks, Dave.

popen() and pclose() is what you need I believe.

Jul 7 '06 #2
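The C side of the pipe approach suggested above, as an added example that is not code from either poster: the program reads the userid and token code from standard input, so neither value appears in the argument list that "ps" shows. The PHP script would open it with popen() in write mode, write the two lines, and take the result code from pclose(). The two-line input format, the buffer limits and the exit codes are assumptions made for this sketch, and the SecurID check itself is left out.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define USER_MAX 64   /* assumed limits, not taken from the thread */
#define CODE_MAX 16

/* Read one newline-terminated line into buf and strip the newline.
 * Fails on EOF, on an empty line, and on a line that does not fit
 * (fgets then returns a chunk without a trailing newline). */
static int read_line(FILE *in, char *buf, size_t len)
{
    if (fgets(buf, (int)len, in) == NULL)
        return -1;
    size_t n = strlen(buf);
    if (n == 0 || buf[n - 1] != '\n')
        return -1;
    buf[n - 1] = '\0';
    return (n == 1) ? -1 : 0;
}

/* Expect "userid\ntokencode\n" on the stream; the token code must be
 * digits only. Returns 0 on success, -1 on any malformed input. */
int read_credentials(FILE *in, char *user, size_t ulen,
                     char *code, size_t clen)
{
    if (read_line(in, user, ulen) != 0 || read_line(in, code, clen) != 0)
        return -1;
    for (const char *p = code; *p != '\0'; p++)
        if (!isdigit((unsigned char)*p))
            return -1;
    return 0;
}

int main(void)
{
    char user[USER_MAX], code[CODE_MAX];

    if (read_credentials(stdin, user, sizeof user, code, sizeof code) != 0)
        return 2;   /* assumed exit code: malformed input */

    /* The token verification call belongs here. Until it is wired in,
     * fail closed so the caller never sees a success status. */
    return 1;       /* assumed exit code: not authenticated */
}
```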
