On 09-Sep-99 Jason Young wrote:
> > Hack ps and turn off procfs :)
> I would think it more appropriate to adjust procfs' permissions in the
> kernel such that a user couldn't look at processes they don't own,
> i.e., can't cd or look into /proc/$PIDTHEYDONTOWN. Adding group-read
> for wheel or operator or a special new group would be good for things
> that must see all the processes. Like this:
Well.. that doesn't sound *too* complex either. Would make an interesting CS
project :)
> queried by an unpriveleged user (chdir to /proc/$PIDEXISTSBUTNOTYOURS
> would return ENOENT instead of EACCES), you deny brute force attacks
> to find out if a PID exists and by who it is owned. That increases
> privacy a bit.
Yes. it depends on your level of paranoia.
> After all that, one could implement a 'ps' command that would use only
> procfs for process info. Procfs would need to export some more info, I
It would be a good idea anyway.. I think someone has one floating around anyway.
> allowed to. This should be controlled by sysctls like (placement based
> on nfs and ffs sysctl placement precedent):
Or even a mount option to procfs :)
> I think the idea (of a procfs ps) was shot down on the lists some time
> ago because ps needs to retain the ability to look at the process list
> in a kernel coredump. IMHO that's a lot of messy kvm groveling and
> associated kernel-to-userland sync dependencies, just to cater to the
> (generous figure) 0.5% of the people out there who have 1) a crashing
> FreeBSD box and 2) the expertise and the will to debug the crash dump.
> I think that issue needs to be revisited somehow.
Well.. I do use crash dumps, but rarely use ps on them.. Even so you could have
2 implementations of ps, or a ps which allows you to compile in a different
'back end'. That way you can use either easily.
> Unfortunately I don't have my proposal written in diff(1) at the
> moment, but writing all this out makes me really want to go ahead and
> do it. Then again, somebody DID ask for a CS project. :)
Heh :)
---
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
-- Andrew Tanenbaum
PGP signature
