Date: Mon, 15 Nov 1999 16:27:12 -0800 (PST)
From: Matthew Dillon <dillon@apollo.backplane.com>
To: Garance A Drosihn <drosih@rpi.edu>
Cc: Lyndon Nerenberg <lyndon@orthanc.ab.ca>, current@FreeBSD.ORG
Subject: Re: ps -e
Message-ID: <199911160027.QAA46037@apollo.backplane.com>
References: <199911152248.dAFMmaQ18726@orthanc.ab.ca> <v04210102b4564d03f393@[128.113.24.47]>

:> Matthew> Why don't we get rid of the 'e' option to ps while we
:> Matthew> are at it considering how much of a security hole it is.
:>
:>I wouldn't nuke it completely. Make -e a noop unless the real uid ps
:>is running with matches the effective uid of the process being reported.
:>And if ps is invoked with a real uid of 0, -e works as it does now.
:
:I'd favor something like this. The unixes I am most used to did not
:have '-e' as an option, and I had two immediate reactions when I found
:freebsd's did:
:    1) wow, this is great for debugging a problem I'm having
:    2) yikes, what a security exposure! (I have some scripts
:       where a password is passed from one script to another
:       one via an environment variable...)

Yes, or by 'root'. Personally, I would like to see the option removed
entirely. I don't think a half-measure would improve the security
problem much.

:So, I'd like to have it for debugging my own processes, but
:...
:Garance Alistair Drosehn = gad@eclipse.acs.rpi.edu

gdb. I shudder to think that people might actually start depending on
this non-feature. Better for it to just go away.

-Matt
Matthew Dillon
<dillon@backplane.com>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
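The exposure raised in the thread (a password handed from one script to another in an environment variable, which is exactly the data `ps -e` prints) next to one way to avoid it, as an added example that is not part of the original message or of FreeBSD. The variable name `DB_PASS`, the secret value and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample secret; not a real credential.
SECRET='s3cr3t-constructed-example'
unset DB_PASS   # make sure the caller's environment does not skew the result

# Hypothetical child script body: reports whether DB_PASS is present in its
# own environment block, i.e. whether `ps -e` could display it for this process.
CHILD='if env | grep -q "^DB_PASS="; then echo exposed; else echo clean; fi'

# Pattern from the thread: the secret travels in an environment variable,
# so it sits in the child's environment for the child's whole lifetime.
pass_via_env() {
    DB_PASS="$SECRET" sh -c "$CHILD"
}

# Alternative: the secret travels over a pipe on stdin. printf is a shell
# builtin, so the value never appears in an external command's argv, and the
# child keeps it in a shell variable that is not exported.
pass_via_stdin() {
    printf '%s\n' "$SECRET" |
        sh -c 'IFS= read -r pw || exit 2; [ -n "$pw" ] || exit 2; '"$CHILD"
}

# Stand-alone run: show both results side by side.
echo "env hand-off:   $(pass_via_env)"
echo "stdin hand-off: $(pass_via_stdin)"
```

The stdin variant only helps if the receiving script never exports the value or passes it on a command line to another program.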