@klingtnet
Last active July 3, 2024 08:00
You can not overwrite command line arguments with Go

The code below does not change what is printed when running xargs -0 < /proc/<PID>/cmdline. This is likely because os.Args is a slice copy of the actual command line arguments (https://github.com/golang/gofrontend/blob/289d94b9e6303ec74649d1f08d418300f2b4d0fd/libgo/go/runtime/runtime.go#L61), so assigning to os.Args[1] only replaces an element of that Go slice and leaves the process's original argument memory untouched.

You may ask why anyone wants to do this. MySQL, for example, overwrites passwords passed on the command line so that they cannot be read with the method above, at least not after process initialization is finished:

On some systems, your password becomes visible to system status programs such as ps that may be invoked by other users to display command lines. MySQL clients typically overwrite the command-line password argument with zeros during their initialization sequence.

Conclusion: Use environment variables to pass secrets.

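package main

import (
	"fmt"
	"os"
	"time"
)

func main() {
	if len(os.Args) < 2 {
		fmt.Fprintln(os.Stderr, "usage:", os.Args[0], "<secret>")
		os.Exit(1)
	}
	pw := os.Args[1]
	// Attempt to hide the secret. This only replaces the element of the
	// os.Args slice; /proc/<PID>/cmdline still shows the original value.
	os.Args[1] = "hidden"
	fmt.Println("Running as PID", os.Getpid())
	fmt.Printf("A secret: %q\n", pw)
	// Keep the process alive so its command line can be inspected.
	wait := 5 * time.Minute
	fmt.Println("Sleeping for", wait)
	time.Sleep(wait)
}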
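The following is an added example, not part of the original gist: it checks the claim from inside the process by rewriting os.Args[0] and then re-reading /proc/self/cmdline (Linux only), and it reads a secret from the environment as the conclusion recommends. The function names and the APP_SECRET variable name are assumptions made for this illustration.

```go
package main

import (
	"fmt"
	"os"
	"strings"
)

// parseCmdline splits the raw contents of /proc/<PID>/cmdline, where every
// argument is terminated by a NUL byte, into separate arguments.
func parseCmdline(raw []byte) []string {
	s := strings.TrimSuffix(string(raw), "\x00")
	if s == "" {
		return nil
	}
	return strings.Split(s, "\x00")
}

// kernelArgs returns the arguments the kernel reports for this process.
// It fails on systems without /proc.
func kernelArgs() ([]string, error) {
	raw, err := os.ReadFile("/proc/self/cmdline")
	if err != nil {
		return nil, err
	}
	return parseCmdline(raw), nil
}

// secretFromEnv reads a secret from the named environment variable
// instead of taking it from the command line.
func secretFromEnv(name string) (string, error) {
	v, ok := os.LookupEnv(name)
	if !ok || v == "" {
		return "", fmt.Errorf("%s is not set", name)
	}
	return v, nil
}

func main() {
	os.Args[0] = "hidden" // changes only the Go slice element
	if args, err := kernelArgs(); err == nil && len(args) > 0 {
		fmt.Printf("os.Args[0]=%q but /proc/self/cmdline[0]=%q\n", os.Args[0], args[0])
	}
	// APP_SECRET is a hypothetical variable name chosen for this example.
	if _, err := secretFromEnv("APP_SECRET"); err != nil {
		fmt.Println("no secret available:", err)
	}
}
```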
blzzua commented Jul 3, 2024

Thank you very much. Thanks to your research, I didn't waste a lot of time.