From owner-freebsd-security Wed Aug 12 20:31:25 1998
Return-Path:
Received: (from majordom@localhost)
	by hub.freebsd.org (8.8.8/8.8.8) id UAA01122
	for freebsd-security-outgoing; Wed, 12 Aug 1998 20:31:25 -0700 (PDT)
	(envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from brooklyn.slack.net (brooklyn.slack.net [206.41.21.102])
	by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA01117
	for ; Wed, 12 Aug 1998 20:31:23 -0700 (PDT)
	(envelope-from andrewr@brooklyn.slack.net)
Received: from localhost (andrewr@localhost)
	by brooklyn.slack.net (8.8.7/8.8.7) with SMTP id XAA01716;
	Wed, 12 Aug 1998 23:38:48 -0400 (EDT)
Date: Wed, 12 Aug 1998 23:38:48 -0400 (EDT)
From: andrewr
To: ben@efn.org
cc: freebsd-security@FreeBSD.ORG
Subject: Re: Possible security "risk" in ftp client
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Wed, 12 Aug 1998, Ben wrote:

> Maybe I'm mistaken, but ps(1) gets the info from /dev/kmem and /dev/mem and
> formats them according to /kernel, what would I need to patch?

su to a normal user, and:

cd /proc
ls -al
cd
cat status

>
> On Wed, 12 Aug 1998, andrewr wrote:
>
> >
> >
> > On Wed, 12 Aug 1998, Ben wrote:
> >
> > > For ps I made a patch that allows only root (or wheel, you pick) to use the
> > > flag '-a', otherwise the user attempting to use '-a' only gets his/her proc's.
> >
> > Did you patch the kernel as well? Cause if you didn't, it's useless.
>
> -ben@efn.org
>
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
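
The /proc check described in the message above, written as a repeatable audit. This is an added example, not part of the original thread; the function name count_foreign_status is hypothetical, and it assumes procfs exposes one numeric directory per PID, owned by the process's user and containing a "status" file.

```shell
#!/bin/sh
# Added example (not from the original thread): audit whether an
# unprivileged account can read other users' process entries via procfs.
# Assumption: one numeric directory per PID, owned by the process's user,
# each containing a "status" file.

# count_foreign_status PROCROOT MYUID
# Prints how many PID directories under PROCROOT belong to a uid other
# than MYUID and have a status file the caller can read.
count_foreign_status() {
    procroot=$1
    myuid=$2
    count=0
    for dir in "$procroot"/[0-9]*; do
        [ -d "$dir" ] || continue
        case ${dir##*/} in
            *[!0-9]*) continue ;;    # skip names that are not pure PIDs
        esac
        # The third field of "ls -ldn" is the numeric owner uid.
        owner=$(ls -ldn "$dir" 2>/dev/null | awk '{print $3}')
        [ -n "$owner" ] || continue  # process exited during the scan
        [ "$owner" != "$myuid" ] || continue
        if [ -r "$dir/status" ]; then
            count=$((count + 1))
        fi
    done
    echo "$count"
}

# Run as the unprivileged user being audited:
#   count_foreign_status /proc "$(id -u)"
# A non-zero result means restricting "ps -a" alone does not hide
# those processes from that user.
```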