On Sat, May 18, 2002 at 11:50:03PM +0400, Yuri A. Kabaenkov wrote: > Hello Jakub, > > Saturday, May 18, 2002, 10:40:38 PM, you wrote: > > There is another bug with this sysctl variable. > For example to see all processess with kern.ps_showallprocs=0 you can do this: > > $ cd /proc; The kern.ps_showallprocs sysctl(8) setting has absolutely no influence on the procfs(5). If you are interested in securing your system, you should not be mounting a procfs(5) at all. It has a checkered security history, and although there are no currently known holes (besides the treasure trove of info it can leak), it is suspect. Very few things depend on it (some obscure options of ps(1) are one of the few places it is used). -- Crist J. Clark | cjclarkat_private | cjclarkat_private http://people.freebsd.org/~cjc/ | cjcat_private
This archive was generated by hypermail 2b30 : Mon May 20 2002 - 16:25:13 PDT