[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [MiNT] Was: /proc, will be: /sys
> > In this case it would be enough to set +s AFAIK. And I personally don't
> > remember any security (+ add ironic accent) things that would apply to
> > Fcntl(), except for Fcntl(PSETFLAGS) recently (euid root is needed at
> > securelevel > 1 to request F_OS_SPECIAL).
>
> Well,
>
> to be able to do that you have to have a filesysten which supports these
> attributes. I still don't see why it should be forbidden for processes that
> are not owned by root to inquire information about other people's
> processes...
Erm, sorry??
IMHO, it is not forbidden to *inquire* anything (well, almost, but this is
not the topic). It may be only forbidden to *setup* things. And I don't
know about any code that simultaneously relies on securelevel value and is
root restricted etc. that could apply to procfs ioctl(), with EXCEPT that
it is FORBIDDEN to SET the F_OS_SPECIAL memory access for a process that
is NOT belonging to superuser, but ONLY IF securelevel is BIGGER than 1.
And this in MiNT > 1.15.4 :-) If Frank accepts the patch. :-))
I think that clarifies the possible confusion :-) Anyway, if some security
code prevents ps from reading necessary information, it can be a bug.
Gtx,
--
Konrad M.Kokoszkiewicz
|mail: draco@atari.org | Atari Falcon030 user |
|http://www.obta.uw.edu.pl/~draco/ | Moderator gregis LATINE |
|http://draco.atari.org | (loquentium) |
** Ea natura multitudinis est,
** aut servit humiliter, aut superbe dominatur (Liv. XXIV,25)
*************************************************************
** U pospolstwa normalne jest, ze albo sluzy ono unizenie,
** albo bezczelnie sie panoszy.