From owner-freebsd-hackers@FreeBSD.ORG Thu Jul 26 16:57:19 2007 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 11BB616A419 for ; Thu, 26 Jul 2007 16:57:19 +0000 (UTC) (envelope-from victorloureirolima@gmail.com) Received: from nz-out-0506.google.com (nz-out-0506.google.com [64.233.162.236]) by mx1.freebsd.org (Postfix) with ESMTP id C03AB13C46A for ; Thu, 26 Jul 2007 16:57:18 +0000 (UTC) (envelope-from victorloureirolima@gmail.com) Received: by nz-out-0506.google.com with SMTP id l8so480378nzf for ; Thu, 26 Jul 2007 09:57:18 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=jC1wG2ey/Dcy+AFkSdMagTHTxTk4tAkry0CY7bt24ZnvIn07DW4iVbQfqSC7cgpfYISKTSexrYV6LEoskM6mEeIw/QaaUz6UThXx3dYeSSv3F2HBC1okVe8+iFGcYprPZMYcLjraXSNJVRO33bdUL4iGHPdE28VqF0Rs7Mclg3U= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=NNKmAtxj9uq01XKLLorpL0F3p3yMfyOQ0d5rf17ByQ0v+FKh/IDCeP338XKrNyvLH33vZJMJUt3RHx/7Ccd2xECpB7qDodjUyKSoRcWK1qH6xreItqIRy78jEMGqptsjuJBhukPgb7bHNV+yZad8UVaF1lPD47WaBlK8m5DF3hs= Received: by 10.114.126.1 with SMTP id y1mr1991877wac.1185469037303; Thu, 26 Jul 2007 09:57:17 -0700 (PDT) Received: by 10.114.177.7 with HTTP; Thu, 26 Jul 2007 09:57:17 -0700 (PDT) Message-ID: Date: Thu, 26 Jul 2007 13:57:17 -0300 From: "Victor Loureiro Lima" To: "John-Mark Gurney" , "Victor Loureiro Lima" , "Daniel Molina Wegener" , "FreeBSD Hackers" In-Reply-To: <20070726061225.GJ99491@funkthat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <200707232052.58485.dmw@unete.cl> <20070724184355.GH99491@funkthat.com> <20070724225157.GI99491@funkthat.com> <20070726061225.GJ99491@funkthat.com> Cc: Subject: Re: A few questions... X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Jul 2007 16:57:19 -0000 2007/7/26, John-Mark Gurney : > Victor Loureiro Lima wrote this message on Wed, Jul 25, 2007 at 12:14 -0300: > > 2007/7/24, John-Mark Gurney : > > >Victor Loureiro Lima wrote this message on Tue, Jul 24, 2007 at 16:35 > > >-0300: > > >> 2007/7/24, John-Mark Gurney : > > >> >Daniel Molina Wegener wrote this message on Mon, Jul 23, 2007 at 20:52 > > >> >-0400: > > >> >> a) Is there any function or variable that tells me which is the > > >> >> root user UID in the system, or root always have 0 and it's > > >> >> an "elegant" option to compare the variables or structure > > >> >> members against zero. > > >> > > > >> >#include > > >> > > > >> >uid == UID_ROOT > > >> > > > >> >> b) Can normal users look for system processes or kernel threads? > > >> > > > >> >Yes, ps does this... > > >> > > > >> > > >> ps(1) either elevates its priviledges during execution, or has some > > >> other way of medling into the afairs of other processes that will > > >> eventually need some higher priviledge status (either that, or I am > > >> really out-dated on modern operational systems) > > > > > >hydrogen,ttypm,/home/johng,503$ls -l /bin/ps > > >-r-xr-xr-x 1 root wheel 31372 May 8 2005 /bin/ps* > > > > > >So, as you see, no suid or sgid necessary for ps to function... > > >FreeBSD exports most/all of the info through sysctl which does not > > >require elevated privs to get... > > > > > >And ps doesn't medling.. it's just a voyeur.. > > hahaha I liked that phrase ;) > > > > > > Check this out: > > http://www.freebsd.org/cgi/cvsweb.cgi/src/bin/ps/ps.c?rev=1.106.2.2;content-type=text%2Fplain > > > > Turns out ps(1) uses libkvm, more specifically kvm_getprocs() function > > (the function that I said was in the middle of my last experience on > > getting process information from FreeBSD ;)) Im pretty sure it doesnt > > get _any_ of its info thru sysctl's, but using the kvm interface which > > is simple, clean and orthogonal, however I guess I was a little bit > > incorrect in my last email, ps(1) in its common execution mode will > > Have you looked at the source to kvm_getprocs(3)? > struct kinfo_proc * > kvm_getprocs(kd, op, arg, cnt) > [...] > { > [...] > if (ISALIVE(kd)) { > size = 0; > mib[0] = CTL_KERN; > mib[1] = KERN_PROC; > mib[2] = op; > mib[3] = arg; > temp_op = op & ~KERN_PROC_INC_THREAD; > st = sysctl(mib, > temp_op == KERN_PROC_ALL || temp_op == KERN_PROC_PROC ? > 3 : 4, NULL, &size, NULL, 0); > [...] > > So, yes, ps isn't using sysctl directly, but kvm_getprocs is... And > if you look at -current's ps(1): > -a Display information about other users' processes as well as your > own. This will skip any processes which do not have a control- > ling terminal, unless the -x option is also specified. This can > be disabled by setting the security.bsd.see_other_uids sysctl to > zero. > > and security.bsd.see_other_uids defaults to 1... Check-mate ;) I am defeated!!! But at least it was illustrative (for me). But getting back on the topic, the prefered way is using kvm_getprocs(3) (for historic purposes on the list ;)) cheers and hugs, victor f. loureiro lima