Re: ps(1) for freebsd.

yoshiPARODIUS.COM

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Theo Schlossnagle: "Re: FW: APC UPS PowerChute PLUS exploit..."
• Previous message: Roger Espel Llima: "Re: APC UPS PowerChute PLUS exploit..."
• In reply to: Ben: "ps(1) for freebsd."
• Next in thread: Scott Smith: "Re: ps(1) for freebsd."

On XX 08/12/1998 03:00:21PM, spyTYR.OFFICE.EFN.ORG wrote:
> The ps(1) command for FreeBSD can be used to show environment variable for
> user proccesses running as you, or other users.  While not a bug itself, this
> will allow you to view certain things, i.e. is root logged on?, FTP_SERVER,
> FTP_PASSWORD, or if the machine is a dialup box, and ppp is dialing at the
> time you execute ps(1) you will be able to view the password and login for
> their account.  For privacy reasons I made patches that only allow ps(1) to
> show the proccesses for the user running it, making the '-a' flag go away,
> unless your uid or gid is 0.

        Paranoia is not synonymous with security, nor is it synonymous
        with "privacy."

        Hacking ps to fix a security problem in ppp is not the solution:
        fixing ppp is. ps(1)'s -a and -e flags were implemented for a
        reason; to remove them is de-evolutionary.

        tata.

--
| Jeremy Chadwick                                 System Administrator |
| yoshiparodius.com                                      ICQ #6279222 |
|           "Where is fancy bread? In the heart, or in the head?" - WW |

• Next message: Theo Schlossnagle: "Re: FW: APC UPS PowerChute PLUS exploit..."
• Previous message: Roger Espel Llima: "Re: APC UPS PowerChute PLUS exploit..."
• In reply to: Ben: "ps(1) for freebsd."
• Next in thread: Scott Smith: "Re: ps(1) for freebsd."