Date: Mon, 21 Aug 2000 15:51:59 -0400 From: Bill Fumerola <billf@chimesnet.com> To: FengYue <fengyue@bluerose.windmoon.nu> Cc: Mike <mike@mikesweb.com>, James Housley <jim@thehousleys.net>, freebsd-isp@FreeBSD.ORG Subject: Re: ps question Message-ID: <20000821155159.F65562@jade.chc-chimes.com> In-Reply-To: <Pine.BSF.4.10.10008211250290.14234-100000@bluerose.windmoon.nu>; from fengyue@bluerose.windmoon.nu on Mon, Aug 21, 2000 at 12:53:53PM -0700 References: <4.3.2.7.2.20000821014336.00b81aa0@127.0.0.1> <Pine.BSF.4.10.10008211250290.14234-100000@bluerose.windmoon.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Aug 21, 2000 at 12:53:53PM -0700, FengYue wrote:
>
> What's the use of all those hacks in ps code? People can simply either
> access /proc or directly call kvm_* () functions to get a full list of
> processes running on the machine, or even simply ftp a ps binary
> from another freebsd machine.
Exactly. If you don't want users snooping around, installing a watered
down ps(1) isn't going to help much.
Unmounting /proc may help, not giving users that would abuse an account
might help, giving users restricted shells might help, a bullet in the
head of people who abuse your system might help, but a watered down ps(1)
sadly won't.
--
Bill Fumerola - Network Architect, BOFH / Chimes, Inc.
billf@chimesnet.com / billf@FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000821155159.F65562>