Or another way of phrasing it. Clearly the patch stops a venue by which unprivleged users who can execute arbitrary code can obtain argv information, but in my ignorance I have no way of knowing whether or not there are other venues without combing over the source.
On Fri, Feb 3, 2012 at 12:50 AM, Ted Unangst <t...@tedunangst.com> wrote: > On Thu, Feb 02, 2012, Paul Dejean wrote: >> I'll start working on a patch (even though it'll take me forever) if I >> can be confident it wouldn't be vetoed because people don't like the >> concept. > > It shouldn't take long at all. You are looking for the > sysctl_proc_args function in sys/kern/kern_sysctl.c. That said, I > don't think the idea is super popular.