From owner-freebsd-ports  Thu Apr  6 09:55:48 1995
Return-Path: ports-owner
Received: (from majordom@localhost)
          by freefall.cdrom.com (8.6.10/8.6.6) id JAA02000
          for ports-outgoing; Thu, 6 Apr 1995 09:55:48 -0700
Received: from teton.Mines.Colorado.EDU (mbarkah@teton.Mines.Colorado.EDU [138.67.1.21])
          by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id JAA01993
          ; Thu, 6 Apr 1995 09:55:46 -0700
Received: by teton.Mines.Colorado.EDU (AIX 3.2/UCB 5.64/4.03)
          id AA42466; Thu, 6 Apr 1995 10:50:10 -0600
From: mbarkah@teton.Mines.Colorado.EDU (Ade Barkah)
Message-Id: <9504061650.AA42466@teton.Mines.Colorado.EDU>
Subject: Re: lsof 3.25 now available for fbsd 2.0
To: joerg_wunsch@uriah.heep.sax.de
Date: Thu, 6 Apr 1995 10:50:10 -0600 (MDT)
Cc: freebsd-hackers@FreeBSD.org, ports@FreeBSD.org
X-Mailer: ELM [version 2.4 PL22]
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Content-Length: 2136      
Sender: ports-owner@FreeBSD.org
Precedence: bulk

J Wunsch wrote:

>> ... The version uploaded was compiled with -DHASSECURITY which 
>> restricts non-priviledged users from listing other people's open 
>> files. ...
>
> Does this make sense?  I'm perfectly able to look at any open file
> with fstat(1).  So why restrict lsof to less than fstat can do?

Well, lsof is capable in displaying much more than fstat by default, 
to the point that other user's privacy might be invaded, so I decided 
to restrict the output.

`lsof' uses the kernel name cache to get the file name associated with 
an open descriptor (if any). fstat, on the other hand, limits itself 
to the mountpoint of the file unless you specifically give the file 
name as an argument.

For example, here are two lines from fstat about me and my vi editor:

| mbarkah  vi         10325    3 /usr2      3920 -rw-rw-r--       0  r
| mbarkah  vi         10325    5 /tmp          4 -rw-------       0 rw

However, here are the corresponding output from `lsof':

| vi        10325  mbarkah    3rW VREG     4,  13          0   3920 /usr2 --
| m/mbarkah/verypersonalfile
|
| vi        10325  mbarkah    4u  VREG     4,   0          0   7834 / --
| var/tmp/vi.recover/vi.010325

Notice that lsof actually shows which file I'm editing, whereas fstat
has no such information.

Another example.... here's what fstat shows about my working directory:

| mbarkah  csh        10126   wd /usr      92285 drwxrwxr-x     512  r

`lsof' goes further than displaying only the /usr mountpoint:

| csh       10126  mbarkah  cwd   VDIR     4,  12        512  92285 /usr --
| src/sys

and it shows my working directory to be /usr/src/sys.

Without the HASSECURITY option, any user on the system can too easily
spy on another user, watching exactly what processes he is running and
which files he is working on, his current directory, network connections,
etc., and I'm not sure this is what most people want. However, I'd
be happy to replace the current version with a lenient version if
the net so desires.

Since lsof is setgid, people should compile their own anyhow, rather
than trusting (the possibly evil) me. =)

Regards,

-Ade Barkah