Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 18 Sep 1998 00:21:11 -0500 (CDT)
From:      Joel Ray Holveck <joelh@gnu.org>
To:        Robert Watson <robert+freebsd@cyrus.watson.org>
Cc:        Joel Ray Holveck <joelh@gnu.org>, Andrzej Bialecki <abial@nask.pl>, freebsd-current@FreeBSD.ORG
Subject:   Re: Limit 'ps' to show only user's processes
Message-ID:  <199809180521.AAA03520@detlev.UUCP>
In-Reply-To: <Pine.BSF.3.96.980917231235.7181A-100000@fledge.watson.org>
References:   <Pine.BSF.3.96.980917231235.7181A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
>>> Several people have been asking for this "feature" from time to time,
>>> namely that they could set a system variable (sysctl?) to limit 'ps' to
>>> show not all processes, but only user's processes for euid!=0.
>>> Would you consider this something worth implementing?
>> This belongs as a switch to ps, not as a sysctl variable.
> I agreed until we started with this 'procfs' thing.  With ps sgid kmem and
> pulling data from /dev/kmem, the appropriate place to put the limit was in
> ps.  With /procfs (and presumably a similar desire to limit data leaking),
> presumably the kernel would also be involved in limiting the spread of
> info.  Perhaps we can get ps to only use procfs and that would be far more
> desirable than this kmem approach.  I guess one would also have to either
> limit top, or have top use procfs.

Good point, thanks for reminding me (even though my "switch" comment
was based on an incorrect assumption).  I agree, and add that a sysctl
variable or kernel variable to set the permissions for
procfs-directories to 500 may be doable.  But, as somebody said,
-security has work in this direction.

Best,
joelh

-- 
Joel Ray Holveck - joelh@gnu.org - http://www.wp.com/piquan
   Fourth law of programming:
   Anything that can go wrong wi
sendmail: segmentation violation - core dumped

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809180521.AAA03520>