From owner-freebsd-current  Wed Nov 24  0: 3:55 1999
Delivered-To: freebsd-current@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP
	id 64A76150BE; Wed, 24 Nov 1999 00:03:44 -0800 (PST)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id BAA12114;
	Wed, 24 Nov 1999 01:01:13 -0700 (MST)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id BAA19058; Wed, 24 Nov 1999 01:01:33 -0700 (MST)
Message-Id: <199911240801.BAA19058@harmony.village.org>
To: Poul-Henning Kamp <phk@critter.freebsd.dk>
Subject: Re: ps on 4.0-current 
Cc: freebsd-current@FreeBSD.ORG, security@FreeBSD.ORG
In-reply-to: Your message of "Wed, 24 Nov 1999 00:54:15 +0100."
		<31375.943401255@critter.freebsd.dk> 
References: <31375.943401255@critter.freebsd.dk>  
Date: Wed, 24 Nov 1999 01:01:33 -0700
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <31375.943401255@critter.freebsd.dk> Poul-Henning Kamp writes:
: Warner ?

Like I've said in private mail to many different people on this issue,
there needs to be a sysctl which controls this, and it needs to be
open by default.

There are many cases where unwanted information is disclosed
inadvertantly by these arguments.  It invades the privacy of the users
to do so.  I don't want anybody to find out that I'm sending mail to
joe@greco.com because they can see my ps args, for example, or that my
chat script is doing stupid things and putting the password on the
command line.  or if I'm aiding law enforcement looking for the string
"SecreTTWarEzz" to see who is posting them from my machine, I don't
want anyone to know what I'm looking for.  People generally take care
to not include sensitive information on the command line, but
sometimes this can't be helped.

Not all will agree with this, and it is a change from the past so
there needs to be a sysctl to control this.  And given that it is a
radical change from the past, it needs to default to open.

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message