Date:      Fri, 18 Sep 1998 23:18:43 -0400 (EDT)
From:      Robert Watson <robert@cyrus.watson.org>
To:        Danny Dulai <nirva@ishiboo.com>
Cc:        "David E. Cross" <crossd@cs.rpi.edu>, Dag-Erling Coïdan Smørgrav <dag-erli@ifi.uio.no>, Andrzej Bialecki <abial@nask.pl>, Doug White <dwhite@resnet.uoregon.edu>, freebsd-current@FreeBSD.ORG
Subject:   Re: Limit 'ps' to show only user's processes
Message-ID:  <Pine.BSF.3.96.980918231631.13698A-100000@fledge.watson.org>
In-Reply-To: <19980918133626.13813@bleep.ishiboo.com>


I don't think there is any way to hide the existence of other processes --
a process that performs:

int i, lasti;
while (1) {
	i = fork();
	if (!i) {
		exit(0);
	}
	if (i != lasti + 1) {
		
....

I think the real goal here is to limit the availability of the command
line arguments and environmental variables, and possibly (probably) also
the executable in use.  That should not be too hard if all utilities that
munge this data out of kmem are finally moved to using /proc...


On Fri, 18 Sep 1998, Danny Dulai wrote:

> Quoting David E. Cross (crossd@cs.rpi.edu):
> > On 18 Sep 1998, Dag-Erling Coïdan Smørgrav wrote:
> > 
> > > > Make it impossible. The point is to hide this information from
> > > > non-privileged users, and changing 'ps' only doesn't help much (I can
> > > > always recompile my own version).
> > > 
> > > No you can't. ps(1) is setgid kmem.
> > 
> > ls -la /proc
> 
> Also, you'd need to fix kill(2) and any other syscall that takes a
> pid as an arg to return some incorrect error.
> 
> I could always write a program that needed no special privs:
> 
>     for (i=1; i<MAXPID; i++)
> 	if (kill(i, 0) >= 0 || errno != ESRCH)
> 	    printf("pid %d exists\n", i);
> 
> Now, this isn't giving you much information, but it is leaking the existence
> of other pids that aren't owned by you.
> 
> -- 
> ___________________________________________________________________________
> Danny Dulai                                           Feet. Pumice. Lotion.
> http://www.ishiboo.com/~nirva/                            nirva@ishiboo.com
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-current" in the body of the message
> 


  Robert N Watson 

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
SafePort Network Services             http://www.safeport.com/
robert@fledge.watson.org              http://www.watson.org/~robert/
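
Added example, not part of Watson's or Dulai's messages: a C self-check of what kill(2) reports for signal 0, showing the ESRCH/EPERM distinction Dulai describes and the condition a process-hiding policy would have to meet. The function names and the use of pid 1 as a stand-in for another user's process are assumptions of this example.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

enum probe { ABSENT, SIGNALABLE, EXISTS_DENIED, OTHER };

/* Interpret the result of kill(pid, 0); err is errno after the call. */
enum probe classify(int rc, int err)
{
	if (rc == 0)
		return SIGNALABLE;      /* exists and the caller may signal it */
	if (err == ESRCH)
		return ABSENT;          /* kernel reports no such process */
	if (err == EPERM)
		return EXISTS_DENIED;   /* exists but is not ours: the leak */
	return OTHER;
}

enum probe probe_pid(pid_t pid)
{
	if (pid <= 0)
		return OTHER;           /* never probe process groups or "all" */
	int rc = kill(pid, 0);      /* signal 0: checks only, delivers nothing */
	return classify(rc, rc == 0 ? 0 : errno);
}

/* Baseline for "no such process": fork a child, let it exit, reap it. */
pid_t reaped_pid(void)
{
	pid_t c = fork();
	if (c < 0) return -1;
	if (c == 0) _exit(0);
	return waitpid(c, NULL, 0) == c ? c : -1;
}

/* Hiding holds for pid only if it is indistinguishable from the baseline. */
int hidden_from_caller(pid_t pid)
{
	return probe_pid(pid) == ABSENT;
}

int main(void)
{
	/* Assumption: pid 1 belongs to another user when run unprivileged. */
	printf("reaped child: %d, self: %d, pid 1: %d\n",
	    probe_pid(reaped_pid()), probe_pid(getpid()), probe_pid(1));
	return 0;
}
```

Run unprivileged on a kernel that does not hide processes, pid 1 reports EXISTS_DENIED while the reaped child reports ABSENT; a hiding policy is consistent only when both report ABSENT.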

