Re: ps under FreeBSD

["Crist J. Clark" <crist.clark () attbi com>]

On Sat, May 18, 2002 at 11:50:03PM +0400, Yuri A. Kabaenkov wrote:
> Hello Jakub,
>
> Saturday, May 18, 2002, 10:40:38 PM, you wrote:
>
> There is another bug with this sysctl variable.
> For example to see all processess with kern.ps_showallprocs=0 you can do this:
>
> $ cd /proc;

The kern.ps_showallprocs sysctl(8) setting has absolutely no influence
on the procfs(5).

If you are interested in securing your system, you should not be
mounting a procfs(5) at all. It has a checkered security history, and
although there are no currently known holes (besides the treasure
trove of info it can leak), it is suspect. Very few things depend on
it (some obscure options of ps(1) are one of the few places it is
used).
-- 
Crist J. Clark                     |     cjclark () alum mit edu
                                   |     cjclark () jhu edu
http://people.freebsd.org/~cjc/    |     cjc () freebsd org