Date: Sun, 12 Sep 1999 04:15:47 +0800 From: Peter Wemm <peter@netplex.com.au> To: chris@calldei.com Cc: Blaz Zupan <blaz@gold.amis.net>, freebsd-current@FreeBSD.ORG Subject: Re: ps doesn't need privileges? Message-ID: <19990911201547.D87741CAE@overcee.netplex.com.au> In-Reply-To: Your message of "Sat, 11 Sep 1999 13:22:07 EST." <19990911132207.J906@holly.dyndns.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Chris Costello wrote: > On Sun, Sep 12, 1999, Peter Wemm wrote: > > Now that I think about it, it shouldn't be too hard (TM) to finish off the > > /proc/pid/cmdline stuff so that ps didn't need to access /mem and didn't > > need setgid at all. > > What about the `e' flag? I'm of the opinion that this particular beastie should be restricted to seeing your own processes only (unless you're root). Implementing /proc/pid/cmdline (globally readable) and /proc/pid/environ (user, group kmem readable only), and turning off setgid kmem for ps. I've lost count of the number of things that want you to do things like: setenv CVSPASSWORD foo etc. Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990911201547.D87741CAE>