|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Sean Kelly (smkelly_at_zombie.org)
Date: Wed Jan 08 2003 - 10:39:03 CST
On Tue, Jan 07, 2003 at 09:18:00AM +0000, Jez Hancock wrote:
...
> It's annoying in that I see a lot of users running mysql with the -u and -p options:
>
> mysql -u user -p mypassword
>
> on the commandline, thinking that this info will not show up in ps listings when ps
> is run by other users. Ho hum...
As has already been pointed out, this is something that the application
should deal with. Despite this, FreeBSD also has a sysctl knob which will
protect against this.
(2) root:~$ sysctl kern.ps_argsopen=0
kern.ps_argsopen: 1 -> 0
This will prevent exactly the problem you describe, by making arguments not
viewable to other users (excluding root). IT also appears to take effect in
/proc, such as /proc/<pid>/cmdline.
This is present in FreeBSD 4.7-STABLE, at least.
-- Sean Kelly | PGP KeyID: D2E5E296 smkellyzombie.org | http://www.zombie.org
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD)
iD8DBQE+HFQkPm7A9NLl4pYRAt0nAKCk5VFEQj2WjA2BZfs39vtUBS3JogCeOAk6 vWFGnPZOT6GKHyrNxeXSiww= =fRZH -----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]