On Wed, Dec 01, 2004 at 10:35:45AM +0900, Rob wrote: > Ruben de Groot wrote: > > > >/proc is considered (and has demonstrated to be) a security > >risk and has therefore been disabled by default in FreeBSD 5.x > > What security risks? > Same with linproc (mounted as /compat/linux/proc)?
See any number of security advisories. It's not that there are known vulnerabilities remaining, it's that the very nature of what a procfs is means that there are likely to be other vulnerabilities waiting to be discovered. Kris
pgp9Mfxe4VozA.pgp
Description: PGP signature
