Launch process and hide command line parameters from Task Manager

Question

I\'m not sure if this question is more appropriate for Stackoverflow or SuperUser or what StackExchange site...

Basically I\'m launching a third-party app from C# wi

Answer 1

If you set an ACL for the new process, it should restrict who can read the command line information. An empty ACL, granting no permissions, might block access to administrators using Task Manager, though my first guess is that it will not. (Note that an empty security descriptor is not the same thing as an empty ACL. One implicitly grants permission to everyone, the other implicitly denies it.)

Of course, an administrator could always replace plink.exe with something that stores the password somewhere. So I'm not sure that worrying about what the administrator can see with Task Manager makes sense!

Answer 2

There's no way to pass a command line argument to a process, so that the process can see it, but everything else in the system cannot.

This is an obvious flaw and when programs allow passwords to be passed as arguments, it's usually done for convenience for the user that is not concerned about eavesdroppers. Well designed programs will usually provide, in addition, other secure means of authentication.