Date: Wed, 12 Aug 1998 23:38:48 -0400 (EDT) From: andrewr <andrewr@slack.net> To: ben@efn.org Cc: freebsd-security@FreeBSD.ORG Subject: Re: Possible security "risk" in ftp client Message-ID: <Pine.NEB.3.96.980812233717.14086A-100000@brooklyn.slack.net> In-Reply-To: <Pine.BSF.3.96.980812192424.22664A-100000@Tyr.office.EFN.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 12 Aug 1998, Ben wrote: > Maybe I'm mistaken, but ps(1) get's the info from /dev/kmem and /dev/mem and > formats them according to /kernel, what would I need to patch? su to a normal user, and: cd /proc ls -al cd <dir owned by root> cat status > > On Wed, 12 Aug 1998, andrewr wrote: > > > > > > > On Wed, 12 Aug 1998, Ben wrote: > > > > > For ps I made a patch that allows only root(or wheel, you pick) to use the > > > flag '-a', otherwise the user attempting to use '-a' only gets his/her proc's. > > > > Did you patch the kernel as well? Caue if you didn't, it's useless. > > -ben@efn.org > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96.980812233717.14086A-100000>