From owner-freebsd-current Tue Nov 16 2:26:32 1999 Delivered-To: freebsd-current@freebsd.org Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by hub.freebsd.org (Postfix) with SMTP id 680B714CAC; Tue, 16 Nov 1999 02:26:27 -0800 (PST) (envelope-from dwmalone@maths.tcd.ie) Received: from walton.maths.tcd.ie by salmon.maths.tcd.ie with SMTP id ; 16 Nov 1999 10:26:27 +0000 (GMT) Date: Tue, 16 Nov 1999 10:26:27 +0000 From: David Malone To: Matthew Dillon Cc: Poul-Henning Kamp , current@FreeBSD.ORG Subject: Re: PATCH for testing Message-ID: <19991116102627.A96298@walton.maths.tcd.ie> References: <22209.942703421@critter.freebsd.dk> <199911152218.OAA45512@apollo.backplane.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i In-Reply-To: <199911152218.OAA45512@apollo.backplane.com> Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Nov 15, 1999 at 02:18:24PM -0800, Matthew Dillon wrote: > Why don't we get rid of the 'e' option to ps while we are at it > considering how much of a security hole it is. I've never liked the > 'e' option. If we get rid of the 'e' option we should also get rid of showing the command line args - both might leak private data. Anyone writing programs which don't want to leak data should know not to put it on the command line or in the environment. If the 'e' option is removed from FreeBSD it doesn't make the life of anyone writing programs any easier 'cos other versions of Unix will continue to expose the environment variables. Also, setting environment variables is a simple way of exporting data from a program. For example you can set variables in hosts.allow saying where the connection the created the process came from and then examine this with ps -e later. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message