From owner-cvs-all  Wed Oct 10 12:52:49 2001
Delivered-To: cvs-all@freebsd.org
Received: from rover.village.org (rover.bsdimp.com [204.144.255.66])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5D9B337B407; Wed, 10 Oct 2001 12:52:40 -0700 (PDT)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.11.3/8.11.3) with ESMTP id f9AJqdu12953;
	Wed, 10 Oct 2001 13:52:39 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost [127.0.0.1])
	by harmony.village.org (8.11.6/8.11.6) with ESMTP id f9AJqb776963;
	Wed, 10 Oct 2001 13:52:38 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Message-Id: <200110101952.f9AJqb776963@harmony.village.org>
To: Dag-Erling Smorgrav <des@ofug.org>
Subject: Re: cvs commit: src/sys/kern kern_proc.c kern_prot.c uipc_socket.c uipc_usrreq.c src/sys/netinet raw_ip.c tcp_subr.c udp_usrreq.c 
Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>,
	cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
In-reply-to: Your message of "10 Oct 2001 17:53:16 +0200."
		<xzpy9mjfq4z.fsf@flood.ping.uio.no> 
References: <xzpy9mjfq4z.fsf@flood.ping.uio.no>  <200110092140.f99LeVA74145@freefall.freebsd.org> <xzp7ku3h6c8.fsf@flood.ping.uio.no> <200110101522.f9AFM0S63283@khavrinen.lcs.mit.edu> 
Date: Wed, 10 Oct 2001 13:52:37 -0600
From: Warner Losh <imp@harmony.village.org>
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
List-ID: <cvs-all.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20cvs-all>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20cvs-all>
X-Loop: FreeBSD.ORG

In message <xzpy9mjfq4z.fsf@flood.ping.uio.no> Dag-Erling Smorgrav writes:
: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> writes:
: > <<On 10 Oct 2001 17:17:59 +0200, Dag-Erling Smorgrav <des@ofug.org> said:
: > > > "Unprivileged processes may see subjects/objects with different real uid"
: > > Would people mind a lot if this variable defaulted to 0?
: > Hell yes.
: 
: That's not a constructive response.
: 
: To me, the ability of unprivileged users to obtain information about
: other users' processes and sockets is
: 
:  a) unnecessary
:  b) a violation of privacy
:  c) a security risk
: 
: Unless you can provide an argument showing that this is necessary to
: the correct operation of a FreeBSD system, I'll simply ignore your
: contribution to this discussion.

It violates POLA and would piss off a lot of people.  It is an fairly
major worldview change for a stable branch, but 5.0 could introduce
this as the new default.

And it isn't a security risk for properly written programs.

Warner

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message