Date: Tue, 23 Nov 1999 22:10:44 -0500 From: Forrest Aldrich <forrie@forrie.com> To: freebsd-current@FreeBSD.ORG Cc: security@FreeBSD.ORG Subject: Re: ps on 4.0-current Message-ID: <4.2.2.19991123220915.00ab0c00@216.67.12.69> In-Reply-To: <31375.943401255@critter.freebsd.dk> References: <Your message of "Tue, 23 Nov 1999 23:52:49 GMT." <199911232352.XAA01547@hak.lan.Awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I seem to recall that conversation here in the mailing list. How about a system configuration variable that determines what info like ps (and friends) can access? Personally, I would just prefer to leave it be. There are too many other potential problems with scripts and such that depend upon the info PS provides. *shrug* :) _F At 12:54 AM 11/24/99 +0100, Poul-Henning Kamp wrote: >In message <199911232352.XAA01547@hak.lan.Awfulhak.org>, Brian Somers writes: > >> In the last episode (Nov 23), Brian Somers said: > >> > $ ps jtva > >> > USER PID PPID PGID SESS JOBC STAT TT TIME COMMAND > >> > root 222 1 222 9dac40 0 Is+ va 0:00.01 (getty) > >> > $ sudo ps jtva > >> > USER PID PPID PGID SESS JOBC STAT TT TIME COMMAND > >> > root 222 1 222 9dac40 0 Is+ va 0:00.01 > /usr/libexec/getty Pc tt > >> > $ head -1 /etc/motd > >> > FreeBSD 4.0-CURRENT (HAK) #9: Mon Nov 22 01:09:55 GMT 1999 > >> > > >> > This looks a bit wrong.... > >> > >> Now that does look weird. After a bit more investigation, it looks > >> like you can only get the full commandline of your own processes. Root > >> can see all commandlines. > > >Any comments Poul ? Is this anything to do with the recent command > >line buffering ? > >Yes, I changed it to this behaviour at warners asking (I think he had >the security-meister hard-hat on at the time). > >I'm personally leaning towards the opinion that the argv is public >property and should be visible, but then again, I can see the point >in hiding it in some circumstances. > >I'll stick a sysctl in there which defaults to the "open" position >and people who need to hide it can set it to "close" to do so. > >Will this satisfy everybody ? > >Warner ? > >-- >Poul-Henning Kamp FreeBSD coreteam member >phk@FreeBSD.ORG "Real hackers run -current on their laptop." >FreeBSD -- It will take a long time before progress goes too far! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.2.2.19991123220915.00ab0c00>