From owner-freebsd-current Thu Feb 18 16:17:32 1999
Delivered-To: freebsd-current@freebsd.org
Received: from rembrandt.esys.ca (rembrandt.esys.ca [198.161.92.131])
    by hub.freebsd.org (Postfix) with ESMTP id 7FDC911C5B
    for ; Thu, 18 Feb 1999 16:17:26 -0800 (PST)
    (envelope-from lyndon@execmail.ca)
Received: from zappa.esys.ca (zappa.esys.ca [198.161.92.28])
    by rembrandt.esys.ca (2.1/8.9.1/Execmail 2.1) with ESMTP id RAA05318;
    Thu, 18 Feb 1999 17:17:21 -0700
Date: Thu, 18 Feb 1999 17:17:17 -0700
From: Lyndon Nerenberg
X-Sender: lyndon@zappa.esys.ca
To: Nate Williams
Cc: "Dan - Sr. Admin" , freebsd-current@FreeBSD.ORG
Subject: Re: paranoid patches
In-Reply-To: <199902181949.MAA10630@mt.sri.com>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

> > Basically, it is a patch into libkvm and w, that will allow a user (with
> > the exception to the super user, naturally) to only view processes or
> > information belonging to him/herself.
>
> The only problem with this is setuid binaries. The processes may have
> been started by me (top, etc..), but this wouldn't allow me to monitor
> the process once it's started.

And, anything that can read /dev/[k]mem is free to bypass libkvm and
just grovel around in the kernel memory space, anyway.

--lyndon