On Monday, 15 November 1999 at 16:27:12 -0800, Matthew Dillon wrote:
> :> Matthew> Why don't we get rid of the 'e' option to ps while we
> :> Matthew> are at it considering how much of a security hole it is.
> :>
> :>I wouldn't nuke it completely. Make -e a noop unless the real uid ps
> :>is running with matches the effective uid of the process being reported.
> :>And if ps is invoked with a real uid of 0, -e works as it does now.
> :
> :I'd favor something like this. The unixes I am most used to did not
> :have '-e' as an option, and I had two immediate reactions when I found
> :freebsd's did:
> : 1) wow, this is great for debugging a problem I'm having
> : 2) yikes, what a security exposure! (I have some scripts
> : where a password is passed from one script to another
> : one via an environment variable...)
>
> Yes, or by 'root'. Personally, I would like to see the option removed
> entirely. I don't think a half-measure would improve the security
> problem much.
>
> :So, I'd like to have it for debugging my own processes, but
> :...
> :Garance Alistair Drosehn = [EMAIL PROTECTED]
>
> gdb.
>
> I shudder to think that people might actually start depending on this
> non-feature. Better for it to just go away.

Looks like another case for a config knob.

Greg
--
Finger [EMAIL PROTECTED] for PGP public key
See complete headers for address and phone numbers
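
The positions taken in this thread, sketched as an added example (not FreeBSD's ps source and not code from any poster): a hypothetical three-way knob selecting between removing -e, honouring it only when the caller's real uid matches the process's effective uid or is 0, and the existing behaviour. The enum, struct, function names and the sample process table are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical knob values; not a real FreeBSD sysctl or ps option. */
enum env_policy { ENV_NEVER, ENV_OWN_OR_ROOT, ENV_ALWAYS };

/* Constructed stand-in for the fields ps would read from a process entry. */
struct proc_view { pid_t pid; uid_t euid; const char *args; const char *env; };

/* Constructed sample data: uid 1001 runs a script with a secret in its env. */
static const struct proc_view sample[] = {
    { 410, 1001, "sh ./deploy.sh", "DB_PASSWORD=example-only" },
    { 411, 1002, "vi notes.txt",   "EDITOR=vi" },
};

/* Decide whether "ps -e" may print a process's environment.  The caller's
 * REAL uid is used so that a set-uid ps gains nothing from its effective uid. */
int may_show_env(enum env_policy policy, uid_t caller_ruid, uid_t proc_euid)
{
    switch (policy) {
    case ENV_ALWAYS:      return 1;  /* behaviour under discussion */
    case ENV_OWN_OR_ROOT: return caller_ruid == 0 || caller_ruid == proc_euid;
    default:              return 0;  /* ENV_NEVER, or unknown: fail closed */
    }
}

/* Format one ps-style line (layout is illustrative); the environment is
 * left out unless the policy permits it.  Returns 1 if env was included. */
int format_line(char *buf, size_t len, enum env_policy policy,
                uid_t caller_ruid, const struct proc_view *p)
{
    int show = may_show_env(policy, caller_ruid, p->euid);
    if (show)
        snprintf(buf, len, "%5d %s %s", (int)p->pid, p->env, p->args);
    else
        snprintf(buf, len, "%5d %s", (int)p->pid, p->args);
    return show;
}

int main(void)
{
    char buf[128];
    /* Caller is uid 1002 under the middle-ground policy. */
    for (size_t i = 0; i < sizeof sample / sizeof sample[0]; i++) {
        format_line(buf, sizeof buf, ENV_OWN_OR_ROOT, 1002, &sample[i]);
        puts(buf);
    }
    return 0;
}
```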