Date: Tue, 16 Nov 1999 10:26:27 +0000 From: David Malone <dwmalone@maths.tcd.ie> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: Poul-Henning Kamp <phk@FreeBSD.ORG>, current@FreeBSD.ORG Subject: Re: PATCH for testing Message-ID: <19991116102627.A96298@walton.maths.tcd.ie> In-Reply-To: <199911152218.OAA45512@apollo.backplane.com> References: <22209.942703421@critter.freebsd.dk> <199911152218.OAA45512@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Nov 15, 1999 at 02:18:24PM -0800, Matthew Dillon wrote: > Why don't we get rid of the 'e' option to ps while we are at it > considering how much of a security hole it is. I've never liked the > 'e' option. If we get rid of the 'e' option we should also get rid of showing the command line args - both might leak private data. Anyone writing programs which don't want to leak data should know not to put it on the command line or in the environment. If the 'e' option is removed from FreeBSD it doesn't make the life of anyone writing programs any easier 'cos other versions of Unix will continue to expose the environment variables. Also, setting environment variables is a simple way of exporting data from a program. For example you can set variables in hosts.allow saying where the connection the created the process came from and then examine this with ps -e later. David. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991116102627.A96298>