Date: Sun, 21 Feb 1999 18:34:22 +0100 (CET) From: Andrzej Bialecki <abial@nask.pl> To: Lyndon Nerenberg <lyndon@execmail.com> Cc: Nate Williams <nate@mt.sri.com>, "Dan - Sr. Admin" <dm@globalserve.net>, freebsd-current@FreeBSD.ORG Subject: Re: paranoid patches Message-ID: <Pine.BSF.4.02A.9902211833100.21800-100000@korin.warman.org.pl> In-Reply-To: <Pine.SGI.4.05.9902181715180.61630-100000@zappa.esys.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 18 Feb 1999, Lyndon Nerenberg wrote: > > > Basically, it is a patch into libkvm and w, that will allow a user (with > > > the exception to the super user, naturally) to only view processes or > > > information belonging to him/herself. > > > The only problem with this is setuid binaries. The processes may have > > been started by me (top, etc..), but this wouldn't allow me to monitor > > the process once it's started. > > And, anything that can read /dev/[k]mem is free to bypass libkvm and just > grovel around in the kernel memory space, anyway. Not only that - you would need to disable other holes as well, which has been done on purpose. Think of /procfs and sysctl kern.proc..something. Andrzej Bialecki -------------------- ++-------++ ------------------------------------- <abial@nask.pl> ||PicoBSD|| FreeBSD in your pocket? Go and see: Research & Academic |+-------+| "Small & Embedded FreeBSD" Network in Poland | |TT~~~| | http://www.freebsd.org/~picobsd/ -------------------- ~-+==---+-+ ------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.02A.9902211833100.21800-100000>