From owner-freebsd-isp  Sun Aug 20 19:11:29 2000
Delivered-To: freebsd-isp@freebsd.org
Received: from thehousleys.net (frenchknot.ne.mediaone.net [24.147.224.201])
	by hub.freebsd.org (Postfix) with ESMTP id 6346137B42C
	for <freebsd-isp@FreeBSD.ORG>; Sun, 20 Aug 2000 19:11:26 -0700 (PDT)
Received: from thehousleys.net (baby.int.thehousleys.net. [192.168.0.24])
	by thehousleys.net (8.9.3/8.9.3) with ESMTP id WAA56089;
	Sun, 20 Aug 2000 22:11:09 -0400 (EDT)
	(envelope-from jim@thehousleys.net)
Message-ID: <39A08FBD.5CAF9137@thehousleys.net>
Date: Sun, 20 Aug 2000 22:11:09 -0400
From: James Housley <jim@thehousleys.net>
Organization: The Housleys dot Net
X-Mailer: Mozilla 4.73 [en] (X11; U; FreeBSD 4.1-STABLE i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Mike <mike@mikesweb.com>, freebsd-isp@FreeBSD.ORG
Subject: Re: ps question
References: <4.3.2.7.2.20000820205038.00b2b648@127.0.0.1> <20000820205802.B27829@databits.net>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

++ 20/08/00 20:51 -0400 - Mike:
>Quick question, how do I make 'ps' work so no matter how users run it, it
>only shows them their processes, and only root can see what -a would display?
>thanks

It shouldn't be too hard or re-write ps so that at the top while/after
processing the command line args the user-id is checked, getuid(2)?.  If
it is is ZERO then nothing special.  If it is not ZERO then limit.

Here is a very simple hack:
--- ps.c        Thu Jul 13 14:16:49 2000
+++ ps-limited.c        Sun Aug 20 22:09:53 2000
@@ -121,6 +121,7 @@
        dev_t ttydev;
        pid_t pid;
        uid_t uid;
+       int isroot;
        int all, ch, flag, i, fmt, lineno, nentries, dropgid;
        int prtheader, wflag, what, xflg;
        char *nlistf, *memf, *swapf, errbuf[_POSIX2_LINE_MAX];
@@ -138,6 +139,10 @@
        if (argc > 1)
                argv[1] = kludge_oldps_options(argv[1]);
 
+       if (getuid() == 0 || getgid() == 0)
+               isroot = 1;
+       else
+               isroot = 0;
        all = fmt = prtheader = wflag = xflg = 0;
        pid = -1;
        uid = (uid_t) -1;
@@ -152,7 +157,8 @@
 #endif
                switch((char)ch) {
                case 'a':
-                       all = 1;
+                       if (isroot)
+                               all = 1;
                        break;
                case 'C':
                        rawcpu = 1;

Jim
-- 
"Eagles may soar, but weasels don't get sucked into jet engines"
    -- Anon


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message