On 25 Oct 2011, at 09:24, Kostik Belousov wrote:
> On Tue, Oct 25, 2011 at 12:13:10AM +0300, Mikolaj Golub wrote:
>>
>> On Sun, 16 Oct 2011 20:10:05 +0300 Kostik Belousov wrote:
>>
>> KB> In my opinion, the way to implement the feature is to (re)use
>> KB> linprocfs_doargv() and provide another kern.proc sysctl to retrieve the
>> KB> argv and env vectors. Then, ps(1) and procstat(1) can use it, as well as
>> KB> procfs and linprocfs inside the kernel.
>>
>> Thanks! I am testing a patch (without auxv vector so far) and have some
>> questions.
>>
>> Original ps -e returns environment only for user owned processes (the access
>> is
>> restricted by the permissions of /proc/pid/mem file). My kern.proc.env sysctl
>> does not have such a restriction. I suppose I should add it? What function I
>> could use for this?
>>
>> BTW, linprocfs allows to read other user's environment.
> linprocfs uses p_cansee() to check the permissions. There are sysctls
> security.bsd.see_other_{ug}ids that control the behaviour.
>
> I believe that the new sysctl shall use the same check.
To be honest, I'd be far more comfortable if the environment check used
p_candebug(). Environmental variables sometimes contain passwords, etc, that
shouldn't be visible to other users on the system. Even showing command lines
is a bit dubious, but widely accepted, whereas seeing the contents of
environmental variables is not widely known in user communities.
Robert_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[email protected]"
