From owner-freebsd-security Mon Dec 18 16:14:11 2000 From owner-freebsd-security@FreeBSD.ORG Mon Dec 18 16:14:09 2000 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from hex.databits.net (hex.databits.net [207.29.192.16]) by hub.freebsd.org (Postfix) with SMTP id 401AC37B402 for ; Mon, 18 Dec 2000 16:14:09 -0800 (PST) Received: (qmail 6608 invoked by uid 1001); 19 Dec 2000 00:13:44 -0000 Date: Mon, 18 Dec 2000 19:13:44 -0500 From: Pete Fritchman To: Tomasz Paszkowski Cc: freebsd-security@freebsd.org Subject: Re: procfs Message-ID: <20001218191344.B5569@databits.net> References: <20001219003737.C2567@genesis.k.pl> <20001219005756.A25653@genesis.k.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20001219005756.A25653@genesis.k.pl>; from ns88@k.pl on Tue, Dec 19, 2000 at 12:57:59AM +0100 Sender: petef@hex.databits.net Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org ++ 19/12/00 00:57 +0100 - Tomasz Paszkowski: > >I was asking why everyone can access entires on procfs, which belong >to proceses of other users ? > from the procfs(5) manpage: The process file system, or procfs, implements a view of the system pro- cess table inside the file system. It is normally mounted on /proc, and is required for the complete operation of programs such as ps(1) and w(1). Certain entries are readable by everyone and these show up in the output of commands such as ps(1). Certain entries in /proc// are not readable by the world because they may contain sensitive data (such as mem, etc). -pete To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message