I want a write a program that run an executable image without creating a new process... I want to do this because I want to use plink that send a password to a remote ssh server...
The plink program sends the password provided in command line .. If I use fork and exec functions someone can see the password provided in command line using process explorer or ps -aef or cat /proc//cmdline .. How to avoid this security hole..and this program has to be run on both linux and windows ..
Set up your SSH server to use RSA public/private key authentication instead of passwords. This is usually a better choice anyway for SSH in general. See http://www.google.com/search?q=set+up+ssh+rsa.
Most programs which accept a password on the command line also accept it via a file, a pipe, or an environment variable. Why not use one of these other mechanisms?
If your worry is that the password is visible, you may be better off encrypting the password. An encrypted password has little value to the observer, so you can use methods like exec() and fork()
To avoid being prompted for a password or using a plain text password in places where it could be "sniffed" from, you should almost certainly set up public-key authentication (assuming you're bound to plink...).
Using pipes is also a good solution.
I found a plink wrapper for unison that does what you need, mainly waiting for a password prompt on plink's STDOUT, then feeding it a response on STDIN.
Hope this works for you
well, why send the password in the beginning? use the password to encrypt some text+time stamp, and then send to authorize yourself?
and No, I don't know a way to call another program without creating a new process.
xwithout doingx' questions...