Bugtraq mailing list archives
Re: Request for discussion.
From: joerg.czeranski () informatik tu-clausthal de (Joerg Czeranski)
Date: Wed, 8 Feb 1995 21:09:42 +0100
sdw () lig net (Stephen D. Williams) wrote:
[someone asked:]On what OS? Isnt it the case that ps's on these /proc systems often need to run setuid root, so that than can ioctl(2) everyone's processes?Quick check: Linux: no setuid/root needed. OSF/1 (DEC alpha): Need setuid/root for anything. Solaris 2.3: setuid/root needed to see other processes, but a user can see their own. An interesting twist that I like, for some instances.
The Dec OSF/1 /bin/ps doesn't work without setuid, but setuid isn't needed for everything. The /proc filesystem of Dec OSF/1 V2.0 is except for minor different additions by both Sun and Dec the same as of Solaris 2.3, seems to be some standard (is it included in the SysV R4 spec?). So what you said for Solaris 2.3 applies for OSF/1, too; and I like it, too. For my taste the Linux /proc gives a bit too much information to anybody without the chance of restricting access to the user's own processe, short of rewriting the /proc filesystem. I wouldn't restrict ps on _our_ systems, but I think the kernel should care more what information is given to which users. Maybe they could implement a mount option for this... joerg -- Joerg Czeranski EMail czeranski () informatik tu-clausthal de Osteroeder Strasse 55 czeranski () rz tu-clausthal de D 38678 Clausthal-Zellerfeld WWW http://www.in.tu-clausthal.de/~injc/
Current thread:
- Re: Request for discussion., (continued)
- Re: Request for discussion. Casper Dik (Feb 08)
- Re: Request for discussion. Karl Strickland (Feb 08)
- Re: Request for discussion. Casper Dik (Feb 08)
- Sniffer FAQ Christopher Klaus (May 27)
- Security FAQes Update Christopher Klaus (May 27)
- Re: Request for discussion. Silicon Avatar (Feb 09)
- X authentication Timothy Newsham (Feb 09)
- Re: X authentication Stephen Gildea (Feb 10)
- Semaphores/Setuid root... problem? Pete Hartman (Feb 09)