I seem to recall that conversation here in the mailing list.
How about a system configuration variable that determines what info
like ps (and friends) can access?
Personally, I would just prefer to leave it be. There are too many other
potential problems with scripts and such that depend upon the info
PS provides. *shrug* :)
_F
At 12:54 AM 11/24/99 +0100, Poul-Henning Kamp wrote:
>In message <[EMAIL PROTECTED]>, Brian Somers writes:
> >> In the last episode (Nov 23), Brian Somers said:
> >> > $ ps jtva
> >> > USER PID PPID PGID SESS JOBC STAT TT TIME COMMAND
> >> > root 222 1 222 9dac40 0 Is+ va 0:00.01 (getty)
> >> > $ sudo ps jtva
> >> > USER PID PPID PGID SESS JOBC STAT TT TIME COMMAND
> >> > root 222 1 222 9dac40 0 Is+ va 0:00.01
> /usr/libexec/getty Pc tt
> >> > $ head -1 /etc/motd
> >> > FreeBSD 4.0-CURRENT (HAK) #9: Mon Nov 22 01:09:55 GMT 1999
> >> >
> >> > This looks a bit wrong....
> >>
> >> Now that does look weird. After a bit more investigation, it looks
> >> like you can only get the full commandline of your own processes. Root
> >> can see all commandlines.
>
> >Any comments Poul ? Is this anything to do with the recent command
> >line buffering ?
>
>Yes, I changed it to this behaviour at warners asking (I think he had
>the security-meister hard-hat on at the time).
>
>I'm personally leaning towards the opinion that the argv is public
>property and should be visible, but then again, I can see the point
>in hiding it in some circumstances.
>
>I'll stick a sysctl in there which defaults to the "open" position
>and people who need to hide it can set it to "close" to do so.
>
>Will this satisfy everybody ?
>
>Warner ?
>
>--
>Poul-Henning Kamp FreeBSD coreteam member
>[EMAIL PROTECTED] "Real hackers run -current on their laptop."
>FreeBSD -- It will take a long time before progress goes too far!
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message