ps problem (watch out)
BALDWIN
mike at whuxl.UUCP
Tue Sep 17 10:15:48 AEST 1985
> Actually, ``ps'' and other kernel-grubbers should generally be
> setgid (not setuid) to a special group that can read the appropriate
> files.
But you have to be careful: most ps's let you specify which namelist,
swap, and core files to open (-n,-s,-c in SV), and you don't want to
open them with gid sys. Theoretically, you can munge up a fake core
file or namelist that would let you read parts of sys files you shouldn't
(i.e., the clists from /dev/kmem). And it's worse: if ANY of the
files are user specified, don't open ANY of the files with gid sys!
This could be annoying for a user wanting to use, say, /OLDunix for a
namelist when an old version is booted, but again, with lots of
tomfoolery you can rig up a namelist to read parts of /dev/kmem you
shouldn't.
> I have a question, though: is SysV's /dev/swap somehow different
> from 4.xBSD's /dev/drum? If not, the suggestion given here
> (approximately ``ln /dev/fuji /dev/swap'') won't work.
Here (SVR2), /dev/swap has the same maj,min as /dev/dsk/0s0, so it's
not a pseudo-device like /dev/drum. I don't know how the paging
release uses /dev/swap.
--
Michael Baldwin
AT&T Bell Labs
{at&t}!whuxl!mike
More information about the Comp.unix.wizards
mailing list