From owner-freebsd-doc@FreeBSD.ORG Wed Jul 9 08:04:52 2003 Return-Path: Delivered-To: freebsd-doc@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2972237B401 for ; Wed, 9 Jul 2003 08:04:52 -0700 (PDT) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79B8543F85 for ; Wed, 9 Jul 2003 08:04:51 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (IDENT:brdavis@localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.12.9/8.12.3) with ESMTP id h69F4nib001339; Wed, 9 Jul 2003 08:04:49 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.12.9/8.12.3/Submit) id h69F4n7I001338; Wed, 9 Jul 2003 08:04:49 -0700 Date: Wed, 9 Jul 2003 08:04:49 -0700 From: Brooks Davis To: Vivenzio Pagliari Message-ID: <20030709150448.GB28375@Odin.AC.HMC.Edu> References: <200307091140.h69BeZQ12876@mailgate5.cinetic.de> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="hHWLQfXTYDoKhP50" Content-Disposition: inline In-Reply-To: <200307091140.h69BeZQ12876@mailgate5.cinetic.de> User-Agent: Mutt/1.5.4i X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu cc: freebsd-doc@freebsd.org Subject: Re: kvm_openfiles(3) manual page and procfs X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Jul 2003 15:04:52 -0000 --hHWLQfXTYDoKhP50 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 09, 2003 at 01:40:35PM +0200, Vivenzio Pagliari wrote: >=20 > First I read somewhere (unfortunately I cannot remember where), that > procfs is deprecated for getting information from and should not be used > because it is not secure. My question here is: Is this statement correct = and > if yes, why isn't procfs secure? (This question is somewhat off-topic for > freebsd-doc, but maybe someone can tell me ?!) We've deprecated it because it has been a major source of kernel vulnerabilities in the past and it's very difficult to get right. > Looking at some documentation and the sources of the ps program, > I've realized that the kvm_* familiy of functions serves this purpose in > FreeBSD. >=20 > In the ps source, I've noticed, that "/dev/null" is used for the first two > parameters of kvm_openfiles (the execfile and corefile arguments). > But this is not documented in the man page, which rather suggests to > use NULL or a kernel image as execfile and /dev/mem or dev/kmem > or NULL for corefile. Shoudn't the usage of "/dev/null" be documented > as well? I'd say it should be documented or the examples in existing code should be removed. If you submit a patch documenting it, someone would probably commit it. -- Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --hHWLQfXTYDoKhP50 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE/DC8JXY6L6fI4GtQRAprhAJ4223xDcWrKogYBYOGJAgMh6h/PiwCgtlPe wwY+VqE/2ou97UAqeX74DsM= =hwht -----END PGP SIGNATURE----- --hHWLQfXTYDoKhP50--