Re: [MiNT] Was: /proc, will be: /sys

["Konrad M. Kokoszkiewicz" <draco@obta.uw.edu.pl>]

> BTW, this is not an academic discussion.  In the new filesystem that
> allows access to process specific data (was "/sys" and is now "/kern" by
> the way) I followed "my" approach: Even ordinary users can have a glimpse
> at every other process' command line, at its environment, and they can
> read a lot of data like controlling tty, process group id, cpu time and so
> on.  This is information that every ps command I know of on other systems
> provides to every user.  If you consider that a security problem for
> certain users (a classical example would be an anonymous ftp account) you
> can always avoid that by running that particular user's login shell chroot
> (and make sure that "/kern" is outside that user's filesystem root).

The real problem is not a read access to data, but write access.
Actually, chroot can be easily worked around same way as euid bigger than
a zero. And okay, I agree, let ps display everything.

--
Konrad M.Kokoszkiewicz
|mail: draco@atari.org                  |  Atari Falcon030 user   |
|http://www.obta.uw.edu.pl/~draco/      | Moderator gregis LATINE |
|http://draco.atari.org                 |       (loquentium)      |

** Ea natura multitudinis est,
** aut servit humiliter, aut superbe dominatur (Liv. XXIV,25)
*************************************************************
** U pospolstwa normalne jest, ze albo sluzy ono unizenie,
** albo bezczelnie sie panoszy.