From owner-freebsd-bugs Fri Apr 14 02:08:55 1995
Return-Path: bugs-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id CAA11905 for bugs-outgoing; Fri, 14 Apr 1995 02:08:55 -0700
Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id CAA11889 for ; Fri, 14 Apr 1995 02:08:45 -0700
Received: from sax.sax.de by irz301.inf.tu-dresden.de with SMTP (5.67b+/DEC-Ultrix/4.3) id AA02406; Fri, 14 Apr 1995 11:08:31 +0200
Received: by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id LAA23732; Fri, 14 Apr 1995 11:08:29 +0200
Received: (from j@localhost) by uriah.heep.sax.de (8.6.11/8.6.9) id KAA17434; Fri, 14 Apr 1995 10:49:12 +0200
From: J Wunsch
Message-Id: <199504140849.KAA17434@uriah.heep.sax.de>
Subject: Re: bug on /bin/ps permission?
To: seki@sysrap.cs.fujitsu.co.jp (Masahiro SEKIGUCHI)
Date: Fri, 14 Apr 1995 10:49:11 +0200 (MET DST)
Cc: FreeBSD-BUGs@FreeBSD.org
In-Reply-To: <9504140053.AA10643@seki.sysrap.cs.fujitsu.co.jp> from "Masahiro SEKIGUCHI" at Apr 14, 95 09:53:37 am
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
X-Phone: +49-351-2012 669
X-Mailer: ELM [version 2.4 PL23]
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Content-Length: 1186
Sender: bugs-owner@FreeBSD.org
Precedence: bulk

As Masahiro SEKIGUCHI wrote:
>
> I'm not sure this is a bug.
>
> In 950322 SNAP bin, /bin/ps has the following permission/owner/group:
>
> -r-sr-xr-x 1 root bin 143360 Mar 24 09:33 /bin/ps

This is the change that made it:

revision 1.2
date: 1994/08/11 20:06:55; author: wollman; state: Exp; lines: +2 -2
Make `ps' set-uid root so that it can read the same set of arguments that
old `ps'es did. I'm not too thrilled about this, but I'm not enough of
an FS person to hack procfs so that /proc/xxx/mem is readable by members
of group `kmem'. If this is done, then `ps' can go back to being
set-gid kmem.

Unfortunately, it doesn't seem to make a good job, since the remainder
of ps is not aware of its new privileges:

	/*
	 * Discard setgid privileges if not the running kernel so that bad
	 * guys can't print interesting stuff from kernel memory.
	 */
	if (nlistf != NULL || memf != NULL || swapf != NULL)
		setgid(getgid());

This has been turned into a no-op by the suidness.

--
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/
Never trust an operating system you don't have sources for. ;-)
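
Added example, not part of the original message and not code from the FreeBSD ps source: a privilege drop that covers the set-uid case as well as the set-gid case the quoted fragment handles, and verifies the result. The helper names still_elevated() and drop_privileges() are hypothetical; main() first repeats the setgid(getgid()) call from the message so the two can be compared.

```c
/* Added example: hypothetical helpers, not code from FreeBSD ps. */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* 1 if the process still runs with an effective id it did not start with. */
int still_elevated(void)
{
    return geteuid() != getuid() || getegid() != getgid();
}

/*
 * Permanently give up set-uid and set-gid privileges.
 * Returns 0 on success, -1 if any id could not be dropped for good.
 */
int drop_privileges(void)
{
    uid_t ruid = getuid(), old_euid = geteuid();
    gid_t rgid = getgid(), old_egid = getegid();

    /* Group first: after the uid is dropped, setgid() may be refused. */
    if (setgid(rgid) != 0 || setuid(ruid) != 0)
        return -1;
    if (still_elevated())
        return -1;
    /* If we were elevated and are not root now, regaining must fail. */
    if (ruid != 0 && old_euid != ruid && setuid(old_euid) == 0)
        return -1;
    if (ruid != 0 && old_egid != rgid && setgid(old_egid) == 0)
        return -1;
    return 0;
}

int main(void)
{
    printf("start: ruid=%d euid=%d rgid=%d egid=%d\n",
           (int)getuid(), (int)geteuid(), (int)getgid(), (int)getegid());

    /* What the quoted ps code does: only the group id is reset. */
    if (setgid(getgid()) != 0)
        perror("setgid");
    printf("after setgid(getgid()): euid=%d, still elevated: %d\n",
           (int)geteuid(), still_elevated());

    if (drop_privileges() != 0) {
        fprintf(stderr, "could not drop privileges\n");
        return 1;
    }
    printf("after drop_privileges(): euid=%d egid=%d\n",
           (int)geteuid(), (int)getegid());
    return 0;
}
```

A caller should treat a -1 return as fatal and exit rather than continue with whatever ids remain.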