Date: Wed, 24 Nov 1999 14:57:37 +0800 From: Peter Wemm <peter@netplex.com.au> To: Dan Nelson <dnelson@emsphone.com> Cc: Lyndon Nerenberg <lyndon@orthanc.ab.ca>, David Malone <dwmalone@maths.tcd.ie>, Brian Somers <brian@Awfulhak.org>, Poul-Henning Kamp <phk@freebsd.dk>, Forrest Aldrich <forrie@forrie.com>, freebsd-current@FreeBSD.ORG, brian@hak.lan.Awfulhak.org Subject: bogus kern_proc.c change (Re: ps on 4.0-current) Message-ID: <19991124065737.0FDFF1CC7@overcee.netplex.com.au> In-Reply-To: Message from Dan Nelson <dnelson@emsphone.com> of "Tue, 23 Nov 1999 18:37:34 CST." <19991123183733.A21142@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Dan Nelson wrote:
> In the last episode (Nov 23), Lyndon Nerenberg said:
> > After you verify that this change isn't going to break things that
> > assume they can see the *argv list via ps(1). I.e. lightning bolts
> > that do 'kill -MUMBLE `ps -ax|grep foo`'. Which may not be elegant
> > style, but sometimes is the only workable solution.
>
> That won't be affected, because anyone that has kill rights to the
> process will also see the full processname. Now that I think about it,
> I can't come up with a case where this is really bad. If you're doing
> ps'es with intent to kill arbitrary processes (in the name of debugging
> or whatever), you're probably already root.
It's this bogus change to kern/kern_proc.c. If you back this out it should
work as expected.
@@ -631,7 +633,7 @@
if (!p)
return (0);
- if (!PRISON_CHECK(curproc, p))
+ if (p_trespass(curproc, p))
return (0);
if (req->newptr && curproc != p)
Cheers,
-Peter
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991124065737.0FDFF1CC7>