Harald Dunkel <[email protected]> wrote:

> On 12/7/20 7:19 PM, Theo de Raadt wrote:
> > Yep.
> >
> > It is possible we need a better strategy --- like placing *all* original
> > argv in the [priv] title.
> >
> 
> If you change the pflogd command line in the process list, what is
> supposed to happen to the existing code using pkill or pgrep, expecting
> the *old* line?

I'm suggesting such people will just have to cope.

The current privsep looks like this:

    pflogd: [priv] (pflogd)
    pflogd: [running] -s 160 -i pflog0 -f /var/log/pflog (pflogd)

And I'm suggesting the arguments should look like this:

    pflogd: [priv] -s 160 -i pflog0 -f /var/log/pflog (pflogd)
    pflogd: [running] -s 160 -i pflog0 -f /var/log/pflog (pflogd)

That might allow more accurate pkill targeting.

I'm suggesting we consider the same for all privsep daemons which label
themselves "[priv]" right now.  It requires keeping argv constant,
and passing it down to the privsep startup code.
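
The title format proposed above, as an added sketch that is not part of the original message and is not pflogd's code: `build_title` is a hypothetical helper that joins a role label with the untouched argv, and the `setproctitle()` call is compiled only on OpenBSD.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical helper: join a role label and argv[1..argc-1] into buf,
 * e.g. "[priv] -s 160 -i pflog0 -f /var/log/pflog".
 * Returns 0 on success, -1 if the result did not fit (buf stays
 * NUL-terminated but holds only a prefix of the title).
 */
int
build_title(char *buf, size_t len, const char *label, int argc,
    char *const argv[])
{
	size_t off;
	int i, n;

	if (len == 0)
		return -1;
	n = snprintf(buf, len, "%s", label);
	if (n < 0 || (size_t)n >= len)
		return -1;
	off = (size_t)n;
	for (i = 1; i < argc; i++) {
		n = snprintf(buf + off, len - off, " %s", argv[i]);
		if (n < 0 || (size_t)n >= len - off)
			return -1;
		off += (size_t)n;
	}
	return 0;
}

int
main(int argc, char *argv[])
{
	char title[256];

	/* Build the title from argv before option parsing consumes it. */
	if (build_title(title, sizeof(title), "[priv]", argc, argv) == -1)
		fprintf(stderr, "process title truncated\n");
#ifdef __OpenBSD__
	/* The unprivileged child would pass "[running]" as the label. */
	setproctitle("%s", title);
#endif
	printf("%s\n", title);
	return 0;
}
```
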

