Date: Wed, 24 Nov 1999 14:57:37 +0800 From: Peter Wemm <peter@netplex.com.au> To: Dan Nelson <dnelson@emsphone.com> Cc: Lyndon Nerenberg <lyndon@orthanc.ab.ca>, David Malone <dwmalone@maths.tcd.ie>, Brian Somers <brian@Awfulhak.org>, Poul-Henning Kamp <phk@freebsd.dk>, Forrest Aldrich <forrie@forrie.com>, freebsd-current@FreeBSD.ORG, brian@hak.lan.Awfulhak.org Subject: bogus kern_proc.c change (Re: ps on 4.0-current) Message-ID: <19991124065737.0FDFF1CC7@overcee.netplex.com.au> In-Reply-To: Message from Dan Nelson <dnelson@emsphone.com> of "Tue, 23 Nov 1999 18:37:34 CST." <19991123183733.A21142@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Dan Nelson wrote: > In the last episode (Nov 23), Lyndon Nerenberg said: > > After you verify that this change isn't going to break things that > > assume they can see the *argv list via ps(1). I.e. lightning bolts > > that do 'kill -MUMBLE `ps -ax|grep foo`'. Which may not be elegant > > style, but sometimes is the only workable solution. > > That won't be affected, because anyone that has kill rights to the > process will also see the full processname. Now that I think about it, > I can't come up with a case where this is really bad. If you're doing > ps'es with intent to kill arbitrary processes (in the name of debugging > or whatever), you're probably already root. It's this bogus change to kern/kern_proc.c. If you back this out it should work as expected. @@ -631,7 +633,7 @@ if (!p) return (0); - if (!PRISON_CHECK(curproc, p)) + if (p_trespass(curproc, p)) return (0); if (req->newptr && curproc != p) Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991124065737.0FDFF1CC7>