What You think about something like that:
[17:33:39] [ttyv8] [61] leila:root:/sys/miscfs/procfs# diff procfs_subr.c.orig
procfs_subr.c
42a43
> #include <sys/kernel.h>
80a82,119
>
> SYSCTL_NODE(_vfs, OID_AUTO, procfs, CTLFLAG_RW, 0, "vfs-procfs-level");
>
> int procfsumask = 077;
>
> static int
> sysctl_vfs_procfsumask(SYSCTL_HANDLER_ARGS)
> {
> int error, umask, mn, pfsu, tmpumask;
>
> pfsu = procfsumask;
> for (umask = 0, mn = 1; pfsu > 0; mn *= 10) {
> umask += (pfsu % 8) * mn;
> pfsu /= 8;
> }
>
> error = sysctl_handle_int(oidp, &umask, 0, req);
>
> if (error || !req->newptr)
> return (error);
>
> tmpumask = pfsu = umask;
> for (umask = 0, mn = 1; pfsu > 0; mn *= 8) {
> umask += (pfsu % 10) << mn;
> pfsu /= 10;
> }
>
> if (tmpumask < 0 || tmpumask > 0777)
> return (EPERM);
>
> procfsumask = tmpumask;
>
> return (error);
> }
>
> SYSCTL_PROC(_vfs_procfs, OID_AUTO, umask, CTLTYPE_INT|CTLFLAG_RW,
> 0, 0, sysctl_vfs_procfsumask, "I", "Current procfs umask");
>
203a243,245
>
> if (pfs->pfs_type != Pcurproc)
> pfs->pfs_mode &= ~procfsumask;
This gives us new sysctl (vfs.procfs.umask) and with this we can control
permissions of procfs files (this works like umask(2)).
Or maybe just:
[17:33:39] [ttyv8] [61] leila:root:/sys/miscfs/procfs# diff procfs_subr.c.orig
procfs_subr.c.2
51a52,53
> extern int ps_showallprocs;
>
203a206,208
>
> if ((!ps_showallprocs) && pfs->pfs_type != Pcurproc)
> pfs->pfs_mode &= 0700;
Hmm?
--
Paweł Jakub Dawidek
UNIX Systems Administrator
http://garage.freebsd.pl
Am I Evil? Yes, I Am.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
