There was already a phrack article on this for linux, but I was unable to dig up anything for FreeBSD's ps(1). The ps(1) command for FreeBSD can be used to show environment variable for user proccesses running as you, or other users. While not a bug itself, this will allow you to view certain things, i.e. is root logged on?, FTP_SERVER, FTP_PASSWORD, or if the machine is a dialup box, and ppp is dialing at the time you execute ps(1) you will be able to view the password and login for their account. For privacy reasons I made patches that only allow ps(1) to show the proccesses for the user running it, making the '-a' flag go away, unless your uid or gid is 0. The diff for FreeBSD-2.2.7: 125,128c125 < /* I added all_(g|u)id int's for the "all" case < * int all, ch, flag, i, fmt, lineno, nentries; < */ < int all_uid, all_gid, all, ch, flag, i, fmt, lineno, nentries; --- > int all, ch, flag, i, fmt, lineno, nentries; 146,148d142 < /* get the u and g id's of the user for all case checking. */ < all_uid = getuid(); < all_gid = getgid(); 161,169d154 < /* this is set to gid because I want all wheel < * members to be able to get '-a' output < * if you only want root to be granted this ability < * set this line to. < * if (all_uid != 0) < */ < if (all_gid != 0) < all = 0; < else -benat_private EFnet: ben
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:12:36 PDT