tags:

views:

37

answers:

2
+1  Q: 

How to send argument securely using Process class?

Hello,

I'm using System.Diagnostics.Process to execute an svn command from a windows console application. This is the configuration of the process:

svn.StartInfo.FileName = svnPath;
svn.StartInfo.Arguments = string.Format("copy {0}/trunk/ {0}/tags/{1} -r head -q --username {3} --password {4} -m \"{2}\"", basePathToRepo, tagName, message, svnUserName, svnPassword);
svn.StartInfo.UseShellExecute = false;
svn.Start();
svn.WaitForExit();

My problem is that those arguments, which include the svn credentials, are sent (I suppose) in an unsecure way.

Is there a way to send these arguments in a secure way using the Process class?

Thanks!

+1  A: 

send where? they are passed from your code to WinApi. it is in-memory operation, it is secure enough.

Andrey  2010-04-27 17:00:47
+1 for secure enough, it's far more likely the SVN credentials would be taken from inside your application directly as opposed to trying to intercept that shell execution.
Chris Marisic  2010-04-27 17:02:46
write your own svn.exe that captures data.... and here all security ends. but it is not about Process class
Andrey  2010-04-27 17:36:09
+1  A: 

This is using the standard command line mechanism, which is going to be the same as any other method. There is no "secure" way to send a command line argument to a program, as it's just a standard process.

That being said, this is going to only be accessible locally, since you're running this in the local user's account already. This is just as secure as having the user type this into a Command Prompt window...

Reed Copsey  2010-04-27 17:01:33
You're right... thanks a lot to get me out of the confussion.
Sebastian  2010-04-27 17:04:47

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?