Poul-Henning Kamp wrote:
> In message <[EMAIL PROTECTED]>, Sheldon Hearn writes:
> >
> >
> >On Tue, 16 Nov 1999 07:19:52 +0100, Poul-Henning Kamp wrote:
> >
> >> > Why don't we get rid of the 'e' option to ps while we are at it
> >> > considering how much of a security hole it is.
> >>
> >> Hmm, well, I like to have it around for root at least...
> >
> >Exactly.
> >
> >In a perfect world, the -e option will only allow inspection of the
> >environment of processes for which the owner of the ps process has
> >sufficient priveledge.
>
> Yes that makes sense, because if all comes to all they could attach
> a debugger and find it that way anyway.
If the command line is obtained other ways, then the easiest way to implement
this should be to delay opening the mem file until it's required and turn
off the setgid bit for the open. Or better yet, turn off setgid entirely
and use sysctl and eproc for everything, but allow -e to work if the user
could open /proc/*/mem.. Or something like that.
Cheers,
-Peter
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
