From owner-freebsd-current Thu Sep 17 22:22:11 1998
Return-Path:
Received: (from majordom@localhost)
	by hub.freebsd.org (8.8.8/8.8.8) id WAA06897
	for freebsd-current-outgoing; Thu, 17 Sep 1998 22:22:11 -0700 (PDT)
	(envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from mail.camalott.com (mail.camalott.com [208.203.140.2])
	by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id WAA06796
	for ; Thu, 17 Sep 1998 22:21:59 -0700 (PDT)
	(envelope-from joelh@gnu.org)
Received: from detlev.UUCP (tex-151.camalott.com [208.229.74.151])
	by mail.camalott.com (8.8.7/8.8.7) with ESMTP id AAA24102;
	Fri, 18 Sep 1998 00:22:21 -0500
Received: (from joelh@localhost)
	by detlev.UUCP (8.9.1/8.9.1) id AAA03520;
	Fri, 18 Sep 1998 00:21:11 -0500 (CDT)
	(envelope-from joelh)
Date: Fri, 18 Sep 1998 00:21:11 -0500 (CDT)
Message-Id: <199809180521.AAA03520@detlev.UUCP>
To: Robert Watson
CC: Joel Ray Holveck, Andrzej Bialecki, freebsd-current@FreeBSD.ORG
In-reply-to:
Subject: Re: Limit 'ps' to show only user's processes
From: Joel Ray Holveck
Reply-to: joelh@gnu.org
References:
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>>> Several people have been asking for this "feature" from time to time,
>>> namely that they could set a system variable (sysctl?) to limit 'ps' to
>>> show not all processes, but only user's processes for euid!=0.
>>> Would you consider this something worth implementing?
>> This belongs as a switch to ps, not as a sysctl variable.
> I agreed until we started with this 'procfs' thing. With ps sgid kmem and
> pulling data from /dev/kmem, the appropriate place to put the limit was in
> ps. With /procfs (and presumably a similar desire to limit data leaking),
> presumably the kernel would also be involved in limiting the spread of
> info. Perhaps we can get ps to only use procfs and that would be far more
> desirable than this kmem approach. I guess one would also have to either
> limit top, or have top use procfs.

Good point, thanks for reminding me (even though my "switch" comment was
based on an incorrect assumption). I agree, and add that a sysctl
variable or kernel variable to set the permissions for
procfs-directories to 500 may be doable. But, as somebody said,
-security has work in this direction.

Best,
joelh

-- 
Joel Ray Holveck - joelh@gnu.org - http://www.wp.com/piquan
   Fourth law of programming:
   Anything that can go wrong wi
sendmail: segmentation violation - core dumped