[drbd-mc] Using DRBD MC with sudo will leave cleartext password visable with ps -ef

Kulovits Christian - OS ITSC Christian.Kulovits at austrian.com
Tue Dec 21 11:10:58 CET 2010

>> Hello,
>> We are using DRBD MC for some Linux Clusters, and it is a very great
>> tool. We are not allowed to login with root account to our systems for
>> admin purposes and so we use the sudo facility from the mc. We have su
>> and sudo configured to get used without password for our admins, but when
>> using the mc we could see the cleartext password with the ps -ef command:
>> user  13768 29341  0 10:50 pts/2    00:00:00 bash -c trap - SIGPIPE;echo
>> "PASSWORD"|sudo -S -p '' bash -c "trap - SIGPIPE; { nice -n 19
>> /usr/local/bin/drbd-gui-helper-0.8.6 hw-info-lazy; } 2>&1" 2>/dev/null
>> Is there another way to establish required authority, eg. sudo without
>> password, or su -l (without password)?

>If you configure sudo without password, then if you enter anything as a
>"sudo password" it should work. I'll try to think about something to make
>it suck less.

We get prompted for a password only once, which is used for the ssh connection and the sudo command.

Austrian Airlines AG, Office Park 2, P.O. Box 100, 1300 Vienna-Airport, Austria, registered office: Vienna, registered with Vienna Commercial Court under FN 111000k, DVR 0091740. This e-mail is confidential and is subject to disclaimers. Details can be found at: http://www.austrian.com/disclaimer.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linbit.com/pipermail/drbd-mc/attachments/20101221/0fc00ea5/attachment.htm>

More information about the drbd-mc mailing list