-
Type: Bug
-
Resolution: Unresolved
-
Priority: Minor - P4
-
None
-
Affects Version/s: None
-
Component/s: None
-
Environment:Windows
-
Server Security
-
ALL
The censorArgvArray in
censorArgvArray(int argc, char** argv);
is meant to overwrite argv to hide command-line secrets from `ps` or `/proc` traversal.
But on Windows, the argv we give is not the real argvW. It's a copy, so modifying it has no effect.
Windows processes have a special undocumented PEB block that may need to be modified to do the censoring properly.