Date:      Sun, 28 Apr 2002 21:15:22 +0200 (CEST)
From:      Richard Arends <richard@unixguru.nl>
To:        Robert Watson <rwatson@FreeBSD.ORG>
Cc:        Kris Kennaway <kris@obsecurity.org>, <current@FreeBSD.ORG>
Subject:   Re: truss
Message-ID:  <20020428210839.J52867-100000@mail.unixguru.nl>
In-Reply-To: <Pine.NEB.3.96L.1020428145941.64976K-100000@fledge.watson.org>

On Sun, 28 Apr 2002, Robert Watson wrote:

> The rationale for disabling procfs is that its functionality is largely
> redundant to existing sysctls and debugging mechanisms, and that it has
> been, and will likely continue to be, an important source of system
> security holes.

Okay disable it :-)

> I think truss is one of the last stragglers that relies on it --
> the other is 'ps -e', which gropes through the memory of each process to
> dig out the environmental variables.  This requires that ps both have
> substantial privilege, and that procfs be present.

Can't we take the privileges away, so that a user can only see his own
procs and only root can see all??

Greetings,

Richard.

----
An OS is like Swiss cheese, the bigger it is, the more holes you get!


