An example of this is:
cat pass.txt | docker login -u jarjarbinks --password-stdin=true
Can another unprivileged process snoop on the data being transferred through the anonymous FIFO?
Asked
Active
Viewed 79 times
1
John Kugelman
- 349,597
- 67
- 533
- 578
canadadry
- 8,115
- 12
- 51
- 68
-
1`cat pass.txt | docker` is a typical [useless use of cat](https://stackoverflow.com/q/11710552/7939871) – Léa Gris Oct 15 '21 at 05:26
1 Answers
4
does the process belong to the same user running this?
- YES: well, just as you can attach a debugger to your own processes, another process run by your user (assuming you have the
SYS_PTRACEcapability, but you usually do) can just snoop on the system calls needed to read the stdin file descriptor. - NO: "standard" unix user separation applies and the other user can't interfere with your processes, their memory or file descriptors.
Marcus Müller
- 34,677
- 4
- 53
- 94