Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 9 Jul 2003 08:04:49 -0700
From:      Brooks Davis <brooks@one-eyed-alien.net>
To:        Vivenzio Pagliari <vivenzio@web.de>
Cc:        freebsd-doc@freebsd.org
Subject:   Re: kvm_openfiles(3) manual page and procfs
Message-ID:  <20030709150448.GB28375@Odin.AC.HMC.Edu>
In-Reply-To: <200307091140.h69BeZQ12876@mailgate5.cinetic.de>
References:  <200307091140.h69BeZQ12876@mailgate5.cinetic.de>

next in thread | previous in thread | raw e-mail | index | archive | help

--hHWLQfXTYDoKhP50
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jul 09, 2003 at 01:40:35PM +0200, Vivenzio Pagliari wrote:
>=20
> First I read somewhere (unfortunately I cannot remember where), that
> procfs is deprecated for getting information from and should not be used
> because it is not secure. My question here is: Is this statement correct =
and
> if yes, why isn't procfs secure? (This question is somewhat off-topic for
> freebsd-doc, but maybe someone can tell me ?!)

We've deprecated it because it has been a major source of kernel
vulnerabilities in the past and it's very difficult to get right.

> Looking at some documentation and the sources of the ps program,
> I've realized that the kvm_* familiy of functions serves this purpose in
> FreeBSD.
>=20
> In the ps source, I've noticed, that "/dev/null" is used for the first two
> parameters of kvm_openfiles (the execfile and corefile arguments).
> But this is not documented in the man page, which rather suggests to
> use NULL or a kernel image as execfile and /dev/mem or dev/kmem
> or NULL for corefile. Shoudn't the usage of "/dev/null" be documented
> as well?

I'd say it should be documented or the examples in existing code should
be removed.  If you submit a patch documenting it, someone would
probably commit it.

-- Brooks

--=20
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4

--hHWLQfXTYDoKhP50
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/DC8JXY6L6fI4GtQRAprhAJ4223xDcWrKogYBYOGJAgMh6h/PiwCgtlPe
wwY+VqE/2ou97UAqeX74DsM=
=hwht
-----END PGP SIGNATURE-----

--hHWLQfXTYDoKhP50--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030709150448.GB28375>