Re: ps under FreeBSD

From: Crist J. Clark (crist.clarkat_private)
Date: Sun May 19 2002 - 01:18:38 PDT

Next message: capzlockat_private: "CAPZLOCK SECURITY ADVISORY NO. 1"

Previous message: Dave Ahmad: "Foundstone Advisory - Buffer Overflow in Ipswitch Imail 7.1 and prior (fwd)"
In reply to: Yuri A. Kabaenkov: "Re: ps under FreeBSD"
Next in thread: Torbjorn Kristoffersen: "Re: ps under FreeBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, May 18, 2002 at 11:50:03PM +0400, Yuri A. Kabaenkov wrote:
> Hello Jakub,
> 
> Saturday, May 18, 2002, 10:40:38 PM, you wrote:
> 
> There is another bug with this sysctl variable.
> For example to see all processess with kern.ps_showallprocs=0 you can do this:
> 
> $ cd /proc;

The kern.ps_showallprocs sysctl(8) setting has absolutely no influence
on the procfs(5).

If you are interested in securing your system, you should not be
mounting a procfs(5) at all. It has a checkered security history, and
although there are no currently known holes (besides the treasure
trove of info it can leak), it is suspect. Very few things depend on
it (some obscure options of ps(1) are one of the few places it is
used).
-- 
Crist J. Clark                     |     cjclarkat_private
                                   |     cjclarkat_private
http://people.freebsd.org/~cjc/    |     cjcat_private

Next message: capzlockat_private: "CAPZLOCK SECURITY ADVISORY NO. 1"
Previous message: Dave Ahmad: "Foundstone Advisory - Buffer Overflow in Ipswitch Imail 7.1 and prior (fwd)"
In reply to: Yuri A. Kabaenkov: "Re: ps under FreeBSD"
Next in thread: Torbjorn Kristoffersen: "Re: ps under FreeBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon May 20 2002 - 16:25:13 PDT