Re: ps -e
On Monday, 15 November 1999 at 16:27:12 -0800, Matthew Dillon wrote: > :>Matthew> Why don't we get rid of the 'e' option to ps while we > :>Matthew> are at it considering how much of a security hole it is. > :> > :>I wouldn't nuke it completely. Make -e a noop unless the real uid ps > :>is running with matches the effective uid of the process being reported. > :>And if ps is invoked with a real uid of 0, -e works as it does now. > : > :I'd favor something like this. The unixes I am most used to did not > :have '-e' as an option, and I had two immediate reactions when I found > :freebsd's did: > :1) wow, this is great for debugging a problem I'm having > :2) yikes, what a security exposure! (I have some scripts > : where a password is passed from one script to another > : one via an environment variable...) > > Yes, or by 'root'. Personally, I would like to see the option removed > entirely. I don't think a half-measure would improve the security > problem much. > > :So, I'd like to have it for debugging my own processes, but > :... > :Garance Alistair Drosehn = [EMAIL PROTECTED] > > gdb. > > I shudder to think that people might actually start depending on this > non-feature. Better for it to just go away. Looks like another case for a config knob. Greg -- Finger [EMAIL PROTECTED] for PGP public key See complete headers for address and phone numbers To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ps -e
On Mon, 15 Nov 1999 16:27:12 PST, Matthew Dillon wrote: > I shudder to think that people might actually start depending on this > non-feature. Your shuddering comes too late. :-) Ciao, Sheldon. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ps -e
:>Matthew> Why don't we get rid of the 'e' option to ps while we :>Matthew> are at it considering how much of a security hole it is. :> :>I wouldn't nuke it completely. Make -e a noop unless the real uid ps :>is running with matches the effective uid of the process being reported. :>And if ps is invoked with a real uid of 0, -e works as it does now. : :I'd favor something like this. The unixes I am most used to did not :have '-e' as an option, and I had two immediate reactions when I found :freebsd's did: :1) wow, this is great for debugging a problem I'm having :2) yikes, what a security exposure! (I have some scripts : where a password is passed from one script to another : one via an environment variable...) Yes, or by 'root'. Personally, I would like to see the option removed entirely. I don't think a half-measure would improve the security problem much. :So, I'd like to have it for debugging my own processes, but :... :Garance Alistair Drosehn = [EMAIL PROTECTED] gdb. I shudder to think that people might actually start depending on this non-feature. Better for it to just go away. -Matt -Matt Matthew Dillon <[EMAIL PROTECTED]> To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message
Re: ps -e
At 3:48 PM -0700 11/15/99, Lyndon Nerenberg wrote: > > "Matthew" == Matthew Dillon <[EMAIL PROTECTED]> writes: > >Matthew> Why don't we get rid of the 'e' option to ps while we >Matthew> are at it considering how much of a security hole it is. > >I wouldn't nuke it completely. Make -e a noop unless the real uid ps >is running with matches the effective uid of the process being reported. >And if ps is invoked with a real uid of 0, -e works as it does now. I'd favor something like this. The unixes I am most used to did not have '-e' as an option, and I had two immediate reactions when I found freebsd's did: 1) wow, this is great for debugging a problem I'm having 2) yikes, what a security exposure! (I have some scripts where a password is passed from one script to another one via an environment variable...) So, I'd like to have it for debugging my own processes, but reduce the security implications of letting everyone else also do it on my own processes... I realize this doesn't eliminate the security exposure, but at least it reduces it some. --- Garance Alistair Drosehn = [EMAIL PROTECTED] Senior Systems Programmer or [EMAIL PROTECTED] Rensselaer Polytechnic Institute To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message