From owner-freebsd-current Sun Apr 28 12:15:28 2002 Delivered-To: freebsd-current@freebsd.org Received: from mail.unixguru.nl (cc49923-a.emmen1.dr.nl.home.com [212.204.178.120]) by hub.freebsd.org (Postfix) with ESMTP id 8F48937B422; Sun, 28 Apr 2002 12:15:25 -0700 (PDT) Received: from mail (mail [192.168.10.4]) by mail.unixguru.nl (8.12.3/8.12.3) with ESMTP id g3SJFNEQ059308; Sun, 28 Apr 2002 21:15:23 +0200 (CEST) (envelope-from richard@unixguru.nl) Date: Sun, 28 Apr 2002 21:15:22 +0200 (CEST) From: Richard Arends To: Robert Watson Cc: Kris Kennaway , Subject: Re: truss In-Reply-To: Message-ID: <20020428210839.J52867-100000@mail.unixguru.nl> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sun, 28 Apr 2002, Robert Watson wrote: > The rationale for disabling procfs is that its functionality is largely > redundant to existing sysctls and debugging mechanisms, and that it has > been, and will likely continue to be, an important source of system > security holes. Okay disable it :-) > I think truss is one of the last stragglers that relies on it -- > the other is 'ps -e', which gropes through the memory of each process to > dig out the environmental variables. This requires that ps both have > substantial privilege, and that procfs be present. Can't we take the privileges away, so that an user only can see his own procs and only root can see all?? Greetings, Richard. ---- An OS is like swiss cheese, the bigger it is, the more holes you get! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message