Date: Thu, 26 Jul 2007 13:57:17 -0300
From: "Victor Loureiro Lima" <victorloureirolima@gmail.com>
To: "John-Mark Gurney" <gurney_j@resnet.uoregon.edu>, "Victor Loureiro Lima" <victorloureirolima@gmail.com>, "Daniel Molina Wegener" <dmw@unete.cl>, "FreeBSD Hackers" <freebsd-hackers@freebsd.org>
Subject: Re: A few questions...
Message-ID: <ac00e00a0707260957w575b7794vf1abe9c7d1506f3f@mail.gmail.com>
In-Reply-To: <20070726061225.GJ99491@funkthat.com>
References: <200707232052.58485.dmw@unete.cl> <20070724184355.GH99491@funkthat.com> <ac00e00a0707241235u4058e2a4ybe50e7843e1d1bb9@mail.gmail.com> <20070724225157.GI99491@funkthat.com> <ac00e00a0707250814o17b3a159n2af4c211677df945@mail.gmail.com> <20070726061225.GJ99491@funkthat.com>

2007/7/26, John-Mark Gurney <gurney_j@resnet.uoregon.edu>:
> Victor Loureiro Lima wrote this message on Wed, Jul 25, 2007 at 12:14 -0300:
> > 2007/7/24, John-Mark Gurney <gurney_j@resnet.uoregon.edu>:
> > >Victor Loureiro Lima wrote this message on Tue, Jul 24, 2007 at 16:35
> > >-0300:
> > >> 2007/7/24, John-Mark Gurney <gurney_j@resnet.uoregon.edu>:
> > >> >Daniel Molina Wegener wrote this message on Mon, Jul 23, 2007 at 20:52
> > >> >-0400:
> > >> >>    a) Is there any function or variable that tells me which is the
> > >> >>       root user UID in the system, or root always have 0 and it's
> > >> >>       an "elegant" option to compare the variables or structure
> > >> >>       members against zero.
> > >> >
> > >> >#include <sys/conf.h>
> > >> >
> > >> >uid == UID_ROOT
> > >> >
> > >> >>    b) Can normal users look for system processes or kernel threads?
> > >> >
> > >> >Yes, ps does this...
> > >> >
> > >>
> > >> ps(1) either elevates its privileges during execution, or has some
> > >> other way of meddling into the affairs of other processes that will
> > >> eventually need some higher privilege status (either that, or I am
> > >> really out-dated on modern operational systems)
> > >
> > >hydrogen,ttypm,/home/johng,503$ls -l /bin/ps
> > >-r-xr-xr-x  1 root  wheel  31372 May  8  2005 /bin/ps*
> > >
> > >So, as you see, no suid or sgid necessary for ps to function...
> > >FreeBSD exports most/all of the info through sysctl which does not
> > >require elevated privs to get...
> > >
> > >And ps doesn't meddle.. it's just a voyeur..
> >
> > hahaha I liked that phrase ;)
> >
> >
> > Check this out:
> > http://www.freebsd.org/cgi/cvsweb.cgi/src/bin/ps/ps.c?rev=1.106.2.2;content-type=text%2Fplain
> >
> > Turns out ps(1) uses libkvm, more specifically kvm_getprocs() function
> > (the function that I said was in the middle of my last experience on
> > getting process information from FreeBSD ;)) I'm pretty sure it doesn't
> > get _any_ of its info thru sysctl's, but using the kvm interface which
> > is simple, clean and orthogonal, however I guess I was a little bit
> > incorrect in my last email, ps(1) in its common execution mode will
>
> Have you looked at the source to kvm_getprocs(3)?
> struct kinfo_proc *
> kvm_getprocs(kd, op, arg, cnt)
> [...]
> {
> [...]
>         if (ISALIVE(kd)) {
>                 size = 0;
>                 mib[0] = CTL_KERN;
>                 mib[1] = KERN_PROC;
>                 mib[2] = op;
>                 mib[3] = arg;
>                 temp_op = op & ~KERN_PROC_INC_THREAD;
>                 st = sysctl(mib,
>                     temp_op == KERN_PROC_ALL || temp_op == KERN_PROC_PROC ?
>                     3 : 4, NULL, &size, NULL, 0);
> [...]
>
> So, yes, ps isn't using sysctl directly, but kvm_getprocs is...  And
> if you look at -current's ps(1):
>      -a      Display information about other users' processes as well as your
>              own.  This will skip any processes which do not have a control-
>              ling terminal, unless the -x option is also specified.  This can
>              be disabled by setting the security.bsd.see_other_uids sysctl to
>              zero.
>
> and security.bsd.see_other_uids defaults to 1...

Check-mate ;) I am defeated!!! But at least it was illustrative (for me).
But getting back on the topic, the preferred way is using
kvm_getprocs(3) (for historic purposes on the list ;))

cheers and hugs,
victor f. loureiro lima
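
Added example, not part of the message above or of the FreeBSD source tree: a small C audit that builds the kern.proc MIB the way the quoted kvm_getprocs() excerpt does, then reports how many other users' processes an unprivileged caller can see next to the security.bsd.see_other_uids setting. The helper names kern_proc_mib() and other_uid_procs_visible() are hypothetical, and the fallback constants are assumed copies of FreeBSD's <sys/sysctl.h> values so the MIB logic also builds on other systems.

```c
/* Added example (not from the thread or the FreeBSD tree); helper names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#ifdef __FreeBSD__
#include <sys/types.h>
#include <sys/sysctl.h>
#include <sys/user.h>
#include <unistd.h>
#else /* Assumption: FreeBSD <sys/sysctl.h> values, repeated so the MIB logic builds elsewhere. */
#define CTL_KERN 1
#define KERN_PROC 14
#define KERN_PROC_ALL 0
#define KERN_PROC_PID 1
#define KERN_PROC_PROC 8
#define KERN_PROC_INC_THREAD 0x10
#endif

/* Fill mib[] as the quoted kvm_getprocs() excerpt does; return the MIB length to pass. */
int kern_proc_mib(int op, int arg, int mib[4]) {
    int temp_op = op & ~KERN_PROC_INC_THREAD;
    mib[0] = CTL_KERN; mib[1] = KERN_PROC; mib[2] = op; mib[3] = arg;
    return (temp_op == KERN_PROC_ALL || temp_op == KERN_PROC_PROC) ? 3 : 4;
}

/* Count processes with a different real uid that this caller can see; -1 on error. */
int other_uid_procs_visible(void) {
#ifdef __FreeBSD__
    int mib[4], n = 0, len = kern_proc_mib(KERN_PROC_PROC, 0, mib);
    size_t size = 0, i;
    if (sysctl(mib, len, NULL, &size, NULL, 0) == -1) return -1;
    size += size / 10;                 /* slack: the table may grow between calls */
    struct kinfo_proc *kp = malloc(size);
    if (kp == NULL || sysctl(mib, len, kp, &size, NULL, 0) == -1) { free(kp); return -1; }
    for (i = 0; i < size / sizeof(*kp); i++)
        if (kp[i].ki_ruid != getuid()) n++;
    free(kp); return n;
#else
    return -1;                         /* the kern.proc sysctl is FreeBSD-specific */
#endif
}

int main(void) {
#ifdef __FreeBSD__
    int knob = -1; size_t l = sizeof(knob);
    sysctlbyname("security.bsd.see_other_uids", &knob, &l, NULL, 0);
    printf("security.bsd.see_other_uids=%d\n", knob);
#endif
    printf("other users' processes visible: %d\n", other_uid_procs_visible());
    return 0;
}
```

Run as a non-root user on FreeBSD, a non-zero count alongside see_other_uids=1 confirms the default behaviour discussed in the thread.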