Date: Tue, 22 Aug 2000 16:40:58 -0400 From: Mike <mike@mikesweb.com> To: Paul Saab <paul@mu.org> Cc: freebsd-isp@FreeBSD.ORG Subject: Re: ps question Message-ID: <4.3.2.7.2.20000822163954.00b2b530@127.0.0.1> In-Reply-To: <20000822103932.A62542@elvis.mu.org> References: <20000821155159.F65562@jade.chc-chimes.com> <4.3.2.7.2.20000821014336.00b81aa0@127.0.0.1> <Pine.BSF.4.10.10008211250290.14234-100000@bluerose.windmoon.nu> <20000821155159.F65562@jade.chc-chimes.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Actually, I disallowed the use of sysctl for everyone except root.. At 10:39 AM 8/22/2000 -0700, Paul Saab wrote: >Bill Fumerola (billf@chimesnet.com) wrote: > > On Mon, Aug 21, 2000 at 12:53:53PM -0700, FengYue wrote: > > > > > > What's the use of all those hacks in ps code? People can simply either > > > access /proc or directly call kvm_* () functions to get a full list of > > > processes running on the machine, or even simply ftp a ps binary > > > from another freebsd machine. > > > > Exactly. If you don't want users snooping around, installing a watered > > down ps(1) isn't going to help much. > > > > Unmounting /proc may help, not giving users that would abuse an account > > might help, giving users restricted shells might help, a bullet in the > > head of people who abuse your system might help, but a watered down ps(1) > > sadly won't. > >Not only that, you still have access to the sysctl as any user to pull >all the processes, so a watered down ps isn't going to help, but this >patch will.. :) > >If I get some time, I can do somethign similar for procfs. > >paul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20000822163954.00b2b530>