Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 11 Sep 1999 14:12:00 +0200 (CEST)
From:      Blaz Zupan <blaz@gold.amis.net>
To:        freebsd-current@freebsd.org
Subject:   ps doesn't need privileges?
Message-ID:  <Pine.BSF.4.10.9909111406170.17275-100000@gold.amis.net>
next in thread | raw e-mail | index | archive | help 

Please don't flame me if I'm asking something stupid, but I'm a bit
confused. I always thought that /bin/ps needs to be setgid kmem to be able
to display the process list. And this in fact seems to be the fact under
2.2.8:

/home/blaz> uname -a
FreeBSD server.amis.net 2.2.8-RELEASE FreeBSD 2.2.8-RELEASE #0: Mon Dec 14
19:22:23 CET 1998     blaz@server.amis.net:/usr/src/sys/compile/SERVER
i386 /home/blaz> ls -la /bin/ps
-r-xr-sr-x  1 bin  kmem  176128 Oct 26  1998 /bin/ps
/home/blaz> cp /bin/ps /tmp
/home/blaz> ls -la /tmp/ps
-r-xr-xr-x  1 blaz  bin  176128 Sep 11 14:08 /tmp/ps
/home/blaz> /tmp/ps ax
ps: /dev/mem: Permission denied

As expected, a copy of ps without setgid kmem can't display the process
list. But under 3.2 and higher, it is! Here is what happens under
4.0-CURRENT (same thing under 3.2):

/home/blaz> uname -a
FreeBSD gold.amis.net 4.0-CURRENT FreeBSD 4.0-CURRENT #0: Sat Sep  4
19:03:23 CEST 1999
blaz@gold.amis.net:/home/blaz/FreeBSD/src/sys/compile/GOLD  i386
/home/blaz> ls -la /bin/ps
-r-xr-sr-x  1 root  kmem  197820 Aug  7 12:42 /bin/ps*
/home/blaz> cp /bin/ps /tmp
/home/blaz> ls -la /tmp/ps
-r-xr-xr-x  1 blaz  wheel  197820 Sep 11 14:09 /tmp/ps*
/home/blaz> /tmp/ps ax
  PID  TT  STAT      TIME COMMAND
    0  ??  DLs    0:00.00  (swapper)
    1  ??  ILs    0:00.00  (init)
    2  ??  DL     0:00.00  (pagedaemon)
    3  ??  DL     0:00.00  (vmdaemon)
    4  ??  DL     0:00.00  (bufdaemon)
.....etc.

What am I missing? How is a totally unprivileged process able to display a
list of processes? 

Blaz Zupan, blaz@amis.net, http://www.herbie.amis.net
Medinet d.o.o., Linhartova 21, 2000 Maribor, Slovenia




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9909111406170.17275-100000>