Date: Sun, 28 Apr 2002 16:32:57 -0700
From: "Crist J. Clark"
To: Robert Watson
Cc: Richard Arends, Kris Kennaway, current@FreeBSD.org
Subject: Re: truss
Message-ID: <20020428163257.K37618@blossom.cjclark.org>
Reply-To: cjclark@alum.mit.edu

On Sun, Apr 28, 2002 at 05:11:14PM -0400, Robert Watson wrote:
>
> On Sun, 28 Apr 2002, Crist J. Clark wrote:
>
> > On Sun, Apr 28, 2002 at 03:59:44PM -0400, Robert Watson wrote:
> > [snip]
> >
> > > In FreeBSD 5.0, all this information is exported from the kernel using the
> > > sysctl() interface, which provides much more information gating, and
> > > flexible policy controls. This exists in part in 4.x, but not completely.
> > > In 5.0, ps requires no special privilege, and access control is done
> > > entirely in the kernel.
> >
> > I think I'm missing something here.
> >
> > $ uname -r
> > 4.5-RELEASE
> > $ ls -l /bin/ps
> > -r-xr-xr-x 1 root wheel 213796 Jan 30 14:30 /bin/ps
> >
> > ps(1) has no special privileges in 4.x, but I may not understand what
> > you mean by "special privileges?" (To me it means s{u,g}id.)
>
> Hmm. I'd forgotten that the setgid kmem was removed in 4.x; I was
> probably thinking of top, which still is setgid in -STABLE. You'll find
> however, that -e won't work without setgid kmem being turned on.

'-e' for ps(1) seems to work fine on processes you own. You cannot see
the environments of other users' processes (of course root can see
everyone's). But you do need /proc for '-e' to work.

> There
> are a number of other tools in -CURRENT that aren't setgid kmem where they
> are in -STABLE (top, iostat, etc).

You know, I'm not sure why top(1) needs it if ps(1) doesn't.
-- 
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org