From owner-freebsd-security Mon Jan 24 14:19:31 2000 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id D582714F53 for ; Mon, 24 Jan 2000 14:19:28 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id PAA02857; Mon, 24 Jan 2000 15:13:45 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id PAA06694; Mon, 24 Jan 2000 15:13:32 -0700 (MST) Message-Id: <200001242213.PAA06694@harmony.village.org> To: Peter Wemm Subject: Re: Fwd: *BSD procfs vulnerability Cc: Mike Tancsa , freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Mon, 24 Jan 2000 18:34:41 +0800." <20000124103441.D88561C03@overcee.netplex.com.au> References: <20000124103441.D88561C03@overcee.netplex.com.au> Date: Mon, 24 Jan 2000 15:13:32 -0700 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <20000124103441.D88561C03@overcee.netplex.com.au> Peter Wemm writes: : Under -current, practically nothing. Under 3.x, ps(1) won't work right. : I'm not sure about gdb(1), it seems to use ptrace(2) these days. A quick audit of the code shows that truss and gcore will stop working, since they use procfs. I thought that ps used procfs to get some command args, but come to think of it, it didn't show up in my grep. gdb seems to use the proc/pid/mem file, but I didn't look closely to see if that was ifdef'd out or not. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message