From owner-freebsd-current Sun Apr 28 12: 3:14 2002
Delivered-To: freebsd-current@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50])
	by hub.freebsd.org (Postfix) with ESMTP id 774E137B419
	for ; Sun, 28 Apr 2002 12:03:08 -0700 (PDT)
Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3])
	by fledge.watson.org (8.11.6/8.11.6) with SMTP id g3SJ2hw98363;
	Sun, 28 Apr 2002 15:02:43 -0400 (EDT)
	(envelope-from robert@fledge.watson.org)
Date: Sun, 28 Apr 2002 15:02:42 -0400 (EDT)
From: Robert Watson
X-Sender: robert@fledge.watson.org
To: Richard Arends
Cc: Kris Kennaway, current@FreeBSD.ORG
Subject: Re: truss
In-Reply-To: <20020428204804.V44029-100000@mail.unixguru.nl>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sun, 28 Apr 2002, Richard Arends wrote:

> On Sun, 28 Apr 2002, Kris Kennaway wrote:
>
> > procfs is not mounted by default.
>
> New to current (one day old baby :-), so didn't know that. sorry()
>
> Why isn't it mounted by default??

I believe DES has a largely rewritten version of truss that doesn't use
procfs. When I disabled procfs in sysinstall, I did it thinking that had
already been committed, but it turned out not to have been. Hopefully
he'll get it finished and committed sometime soon.

The rationale for disabling procfs is that its functionality is largely
redundant to existing sysctls and debugging mechanisms, and that it has
been, and will likely continue to be, an important source of system
security holes. The very nature of procfs (mapping one kernel abstraction
into another with different security properties) is part of what makes
that likely. In fact, if it's not already on the "how to harden your
system list", unmounting procfs should be at the top of it :-).

I think truss is one of the last stragglers that relies on it -- the other
is 'ps -e', which gropes through the memory of each process to dig out the
environmental variables. This requires that ps both have substantial
privilege, and that procfs be present.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org      NAI Labs, Safeport Network Services
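
An added example, not part of the original message: a /bin/sh check for the hardening step mentioned above, reporting procfs file systems that are mounted now or will be mounted again at boot. It assumes fstab-format input, as printed by `mount -p` and stored in /etc/fstab; the function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit fstab-format text for procfs mounts.
# Fields: device mountpoint fstype options dump pass

# Print "mountpoint options" for each procfs entry read from stdin.
# Comment lines are skipped; linprocfs is a separate fstype and is not matched.
procfs_entries() {
    awk '$1 !~ /^#/ && NF >= 4 && $3 == "procfs" { print $2, $4 }'
}

# Mount points of procfs entries (feed it `mount -p` output for live mounts).
procfs_mounted() {
    procfs_entries | awk '{ print $1 }'
}

# Mount points that return at boot: fstab entries without the noauto option.
procfs_at_boot() {
    procfs_entries | awk '{
        n = split($2, opt, ",")
        for (i = 1; i <= n; i++) if (opt[i] == "noauto") next
        print $1
    }'
}

# $1 = text of `mount -p`, $2 = text of /etc/fstab.
# Prints findings; returns 0 only when procfs is neither mounted nor
# configured to mount at boot.
audit_procfs() {
    live=$(printf '%s\n' "$1" | procfs_mounted)
    boot=$(printf '%s\n' "$2" | procfs_at_boot)
    if [ -n "$live" ]; then
        echo "procfs mounted now (umount it):" $live
    fi
    if [ -n "$boot" ]; then
        echo "procfs mounted at boot (remove from fstab or add noauto):" $boot
    fi
    [ -z "$live$boot" ]
}

# Constructed sample input, not taken from a real host.
SAMPLE_MOUNTS='/dev/ad0s1a / ufs rw 1 1
procfs /proc procfs rw 0 0'
SAMPLE_FSTAB='# Device Mountpoint FStype Options Dump Pass
/dev/ad0s1a / ufs rw 1 1
proc /proc procfs rw 0 0
proc /jail/proc procfs rw,noauto 0 0
linproc /compat/linux/proc linprocfs rw 0 0'

# On a FreeBSD host: audit_procfs "$(mount -p)" "$(cat /etc/fstab)"
```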