Date: Wed, 12 Aug 1998 14:42:25 -0700 (PDT)
From: Ben
Reply-To: ben@efn.org
To: andrewr
cc: Garrett Wollman, Marc Slemko, "Mark J. Taylor", freebsd-security@FreeBSD.ORG
Subject: Re: Possible security "risk" in ftp client

On Tue, 11 Aug 1998, andrewr wrote:

> On Tue, 11 Aug 1998, Garrett Wollman wrote:
>
> > I think there are good reasons (and this is one of them) to disable
> > the environment-dumping option of ps. Unfortunately it is probably
> > too well-entrenched to kill. I had totally forgotten about it until
> > this discussion began.
> >
> > -GAWollman
>
> For a while now, I've been wanting to change a lot of things dealing with ps
> and proc. What I mean is, privacy. I believe there should be an option
> on install or perhaps a patch to ps(1), w(1), and who knows what others,
> that will not allow normal users to view the processes of other normal
> users (or superusers for that matter). However, /proc is a way for a
> normal user to view what programs are being run for what id, and the uid
> is easy enough to see (ls -l), (thanks jtb). Don't you think this should be
> an optional patch?

For ps I made a patch that allows only root (or wheel, you pick) to use
the flag '-a', otherwise the user attempting to use '-a' only gets
his/her procs.

Available at:

http://www.efn.org/~ben/ps/diff.txt
	For the diff between the 2.2.7-RELEASE ps.c and mine.
	(/usr/src/bin/ps.c)

http://www.efn.org/~ben/ps/results.txt
	Demonstration of it in action.

http://www.efn.org/~ben/ps/ps.c
http://www.efn.org/~ben/ps/ps.old.c
	My ps.c and the old ps.c.

http://www.efn.org/~ben/ps/ps.root.gz
http://www.efn.org/~ben/ps/ps.wheel.gz
	Binaries for 2.2.7 that allow only root, or wheel to use the -a
	flag correctly.

>
> Andrew

-ben@efn.org
EFN News Administrator.
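
The kind of gate the message above describes, as an added example (not Ben's patch and not FreeBSD's ps source): '-a' is honoured only for root or, by policy, wheel members, and anyone else falls back to their own processes. The row type, the constructed sample table, the function names and wheel being gid 0 are assumptions.

```c
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

#define WHEEL_GID 0	/* assumption: wheel is gid 0, as on FreeBSD */
enum all_policy { ALL_ROOT_ONLY, ALL_ROOT_OR_WHEEL };	/* "you pick" */

/* Constructed sample data; hypothetical row type, not ps's own structures. */
struct proc_row { pid_t pid; uid_t uid; };
static const struct proc_row SAMPLE[] = {
	{ 1, 0 }, { 212, 0 }, { 340, 1001 }, { 355, 1002 }, { 402, 1001 },
};

/* Decide from the caller's *real* ids whether -a may show other users. */
static int may_use_all(uid_t ruid, gid_t rgid, const gid_t *groups,
    int ngroups, enum all_policy policy)
{
	if (ruid == 0)
		return 1;
	if (policy != ALL_ROOT_OR_WHEEL)
		return 0;
	if (rgid == WHEEL_GID)
		return 1;
	for (int i = 0; i < ngroups; i++)
		if (groups[i] == WHEEL_GID)
			return 1;
	return 0;
}

/* Rows the caller would see; an unprivileged -a falls back to own rows. */
static size_t visible_count(int aflag, uid_t ruid, gid_t rgid,
    const gid_t *groups, int ngroups, enum all_policy policy)
{
	int show_all = aflag && may_use_all(ruid, rgid, groups, ngroups, policy);
	size_t kept = 0;

	for (size_t i = 0; i < sizeof(SAMPLE) / sizeof(SAMPLE[0]); i++)
		if (show_all || SAMPLE[i].uid == ruid)
			kept++;
	return kept;
}

int main(void)
{
	gid_t groups[64];
	int n = getgroups(64, groups);	/* -1 if the caller has more groups */

	printf("-a shows %zu of 5 sample rows\n", visible_count(1, getuid(),
	    getgid(), groups, n < 0 ? 0 : n, ALL_ROOT_OR_WHEEL));
	return 0;
}
```

As andrewr's quoted text points out, /proc exposes the same information, so a check inside ps(1) covers only that one binary.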