Hacker News

Dwedit today at 1:45 PM (3 replies)

I haven't actually tested this, but aren't the input and output handles exposed on /proc/? What's stopping another process from seeing everything?


Replies

Lex-2008 today at 2:07 PM

Not a Linux expert, but I believe that at the very least it's time-sensitive: after the consumer process reads it, it's gone from the pipe, unlike env vars and CLI arguments, which stay there.

Tajnymag today at 2:08 PM

I guess the kernel is stopping that. I don't think permission-wise you'd have the privileges to read someone else's stdin/out.

trashb today at 2:05 PM

Yes, pipes are exposed at /proc/$pid/fd/$thePipeFd with user permissions [0].

Additionally, command line parameters are always readable at /proc/$YOUR_PROCESS_PID/cmdline [1].

There are workarounds, but it's fragile. You may accept the risks, and in that case it can work for you, but I wouldn't recommend it for "general security". It seems it wouldn't be considered secure if everyone did it this way, so is it security through obscurity?

[0] https://unix.stackexchange.com/questions/156859/is-the-data-...

[1] https://stackoverflow.com/questions/3830823/hiding-secret-fr...
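An added example, not part of any comment in the thread: a small Linux-only Python audit that starts a child process holding constructed secrets in argv, the environment and a stdin pipe, then reports the mode bits on the `/proc` entries the comments discuss. The function names, `DEMO_SECRET` and the `--token` argument are hypothetical and exist only for this demonstration.

```python
import os
import stat
import subprocess
import sys

PROC_ENTRIES = ("cmdline", "environ", "fd")

def other_users_can_read(mode: int) -> bool:
    """True if the 'other' read bit is set in a file mode."""
    return bool(mode & stat.S_IROTH)

def audit_proc_exposure(pid: int) -> dict:
    """Mode, owner and world-readability of the /proc entries named in the thread."""
    report = {}
    for name in PROC_ENTRIES:
        st = os.stat(f"/proc/{pid}/{name}")
        report[name] = {
            "mode": oct(stat.S_IMODE(st.st_mode)),
            "owner_uid": st.st_uid,
            "world_readable": other_users_can_read(st.st_mode),
        }
    return report

def demo() -> dict:
    """Start a child holding constructed secrets in argv, env and stdin, then audit it."""
    child = subprocess.Popen(
        [sys.executable, "-c", "import sys; sys.stdin.read()", "--token=CONSTRUCTED-ARGV"],
        stdin=subprocess.PIPE,
        env=dict(os.environ, DEMO_SECRET="CONSTRUCTED-ENV"),
    )
    try:
        report = audit_proc_exposure(child.pid)
        # fd/0 is a symlink naming the pipe; the fd directory itself is owner-only.
        report["stdin_target"] = os.readlink(f"/proc/{child.pid}/fd/0")
        # We own the child, so this read succeeds; the mode bits say who else could.
        with open(f"/proc/{child.pid}/cmdline", "rb") as f:
            report["argv"] = [a.decode() for a in f.read().split(b"\0") if a]
    finally:
        child.stdin.close()  # EOF lets the child exit
        child.wait()
    return report

if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:13} {value}")
```

Mode bits are only part of the access decision: the kernel also applies a ptrace-style permission check to `environ` and `fd`, and a `/proc` mounted with the `hidepid` option can hide other users' process directories entirely.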