From owner-freebsd-current  Fri Sep 18 10:37:06 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA25743
          for freebsd-current-outgoing; Fri, 18 Sep 1998 10:37:06 -0700 (PDT)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from bleep.ishiboo.com (bleep.ishiboo.com [199.79.133.2])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id KAA25738
          for <freebsd-current@FreeBSD.ORG>; Fri, 18 Sep 1998 10:37:00 -0700 (PDT)
          (envelope-from nirva@ishiboo.com)
Received: (qmail 23135 invoked by uid 1000); 18 Sep 1998 17:36:26 -0000
Message-ID: <19980918133626.13813@bleep.ishiboo.com>
Date: Fri, 18 Sep 1998 13:36:26 -0400
From: Danny Dulai <nirva@ishiboo.com>
To: "David E. Cross" <crossd@cs.rpi.edu>
Cc: =?iso-8859-1?Q?Dag-Erling_Co=EFdanSm=F8rgrav?= <dag-erli@ifi.uio.no>,
        Andrzej Bialecki <abial@nask.pl>,
        Doug White <dwhite@resnet.uoregon.edu>, freebsd-current@FreeBSD.ORG
Subject: Re: Limit 'ps' to show only user's processes
References: <xzp4su56775.fsf@hati.ifi.uio.no> <Pine.BSF.4.02.9809180905180.984-100000@monica.cs.rpi.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Mailer: Mutt 0.88
In-Reply-To: <Pine.BSF.4.02.9809180905180.984-100000@monica.cs.rpi.edu>; from David E. Cross on Fri, Sep 18, 1998 at 09:05:48AM -0400
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Quoting David E. Cross (crossd@cs.rpi.edu):
> On 18 Sep 1998, Dag-Erling [iso-8859-1] Coïdan[iso-8859-1] Smørgrav wrote:
> 
> > > Make it impossible. The point is to hide this information from
> > > non-privileged users, and changing 'ps' only doesn't help much (I cna
> > > always recompile my own version).
> > 
> > No you can't. ps(1) is setgid kmem.
> 
> ls -la /proc

Also, you'd need to fix kill(2) and any other syscall that takes a
pid as an arg to return some incorrect error.

I could always write a program that needed no special privs:

    for (i=1; i<MAXPID; i++)
	if (kill(i, 0) >= 0 || errno != ESRCH)
	    printf("pid %d exists");

Now, this isnt giving you much information, but it is leaking the existence
of other pids, that arent owned by you.

-- 
___________________________________________________________________________
Danny Dulai                                           Feet. Pumice. Lotion.
http://www.ishiboo.com/~nirva/                            nirva@ishiboo.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message