Date: Tue, 11 Aug 1998 21:36:19 -0400 (EDT) From: andrewr <andrewr@slack.net> To: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> Cc: Marc Slemko <marcs@znep.com>, "Mark J. Taylor" <mtaylor@cybernet.com>, freebsd-security@FreeBSD.ORG Subject: Re: Possible security "risk" in ftp client Message-ID: <Pine.NEB.3.96.980811213226.17677B-100000@brooklyn.slack.net> In-Reply-To: <199808112338.TAA14075@khavrinen.lcs.mit.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 11 Aug 1998, Garrett Wollman wrote: > > I think there are good reasons (and this is one of them) to disable > the environment-dumping option of ps. Unfortunately it is probably > too well-entrenched to kill. I had totally forgotten about it until > this discussion began. > > -GAWollman For awhile now, I've been wanting to change alot of things dealing with ps and proc. What I mean is, privacy. I believe there should be an option on install or perhaps a patch to ps(1), w(1), and who knows what others, that will not allow normal users to view the processes of other normal users (or superusers for that matter). However, /proc is a way for a normal user to view what programs are being run for what id, and the uid is easy enough see (ls -l), (thanks jtb). Don't you think this should be an optional patch? Andrew > > -- > Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same > wollman@lcs.mit.edu | O Siem / The fires of freedom > Opinions not those of| Dance in the burning flame > MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96.980811213226.17677B-100000>