Re: Mac OS X "ps(3)" and "top(3)" truncate output

[Andrew Redman <aredman () education ucsb edu>]

Try piping the output of ps to less or another pager that can scroll 
horizontally. - Andrew

matador matador wrote:
> I saw a strange behaviour on "ps" and on "top" output in Mac OS X 
> 10.4.9 Version.
>
> Let's see how it is:
>
> rfc-1918:~ xxx$ ps aux > ps_output
> rfc-1918:~ xxx$ cat ps_output
> USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND
> xxx  587 8.0 5.4 185848 28488 ?? S 2:55PM 7:20.43 /Applications/iTune
> xxx  196 0.7 2.0 186176 10324 ?? S 11:04AM 2:36.06 /Applications/Utili
> .
> .
>
> we can see that "ps" doesn't print completely the path.
>
> So if we pipe the "ps" with "grep" something if the path it's long we 
> can find the specific process.
>
> rfc-1918:~ xxx$ cat ps_output | grep iTunes
> rfc-1918:~ xxx$ cat ps_output | grep iTune
> xxx  587 8.0 5.4 185848 28488 ?? S 2:55PM 7:20.43 /Applications/iTune
> xxx  185 0.0 0.2 124980 880 ?? S 10:26AM 0:00.22 /Applications/iTune
>
> If we let the terminal window wider we are still limited by monitor 
> width.
>
> Linux user would like to use "top" command...but...
>
> 60 coreservic 0.0% 0:03.27 3 114 163 924K 11.7M 2.95M 40.3M
> 57 WindowServ 5.1% 9:54.91 2 343 646 5.82M- 32.7M- 33.6M- 242M-
> 50 DirectoryS 0.0% 0:01.10 4 65 40 372K 1.01M 1.09M 30.1M
>
> we can see that "top" have the same problem, it truncates the process 
> name.
>
> These issues open an user-space rootkit scenario.
>
> Regards
>
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>   

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/