Date: Fri, 19 Nov 1999 08:20:54 +0100 From: Andreas Klemm <andreas@klemm.gtn.com> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: Warner Losh <imp@village.org>, Alex Zepeda <jazepeda@pacbell.net>, Andreas Klemm <andreas@klemm.gtn.com>, David Greenman <dg@root.com>, Sean Eric Fagan <sef@kithrup.com>, current@FreeBSD.ORG Subject: Re: PATCH for testing Message-ID: <19991119082054.A840@titan.klemm.gtn.com> In-Reply-To: <199911190104.RAA88682@apollo.backplane.com> References: <Pine.BSF.4.10.9911172341110.397-100000@localhost> <199911181924.MAA27434@harmony.village.org> <199911190104.RAA88682@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Nov 18, 1999 at 05:04:20PM -0800, Matthew Dillon wrote: > I am all for removing -e, but I don't really like the idea of making > it optional nor do I like the idea of trying to maintain the capability > for the user's own processes - that simply makes the code even more > complex then it already is. The danger is that the option exists in > the first place. Though I respect your statement about code complexity I'm not for removing the option, which has been available to the ps command for such a long time and definitively is a useful debugging tool (for root !). This would create a major difference to the other BSD's which is not easily understandable. "ps -e" and "ps -e -U" is useful for debugging purposes, so it should simply be restricted to root as it has been done for putting a network device into promiscous mode or other things. By simply removing it (without thinking about alternatives) I think FreeBSD looses some points ... I thought we were the team that doesn't do radical changes without a good reason ;-) Security is a good reason. But simply removing it without restricting it is in my opineon not a good style. Another alternative to restricting it to root would be, to combine it with the security level, that we can configure in rc.conf. But that's only an idea, I personally don't like magic things to happen, only because I raised a security level by one. Andreas /// -- Andreas Klemm http://www.FreeBSD.ORG/~andreas http://www.freebsd.org/~fsmp/SMP/SMP.html powered by Symmetric MultiProcessor FreeBSD Get new songs from our band: http://www.freebsd.org/~andreas/64bits/index.html To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991119082054.A840>