der Mouse wrote:
> It did.  f_flags turned into f_oflags, with f_flags changing from a
> short to a long (thereby growing the struct).

Oh. The syscalls were not versioned ?!?

> Does it matter?  Why not use it anyway?  If not having evidence it's a
> procfs really bothers you, then print a warning that if it isn't really
> a procfs there then the output is meaningless....
> 
> Offhand, I'd say that if it has a curproc link that readlink()s to the
> current PID in decimal, it's close enough to be worth attempting.

Well, I am no security guy. But what if a bad person mounts something over
/proc/<his/her_proces_pid> - even if (s)he would not cause anything really
dangerous, (s)he would be able to trick ps to print something what is not true
(or crash).

> > How old is your userland ?
> 
> Anything from before the struct statfs change will do. :)  On the
> system I noticed this on, I think most of userland dates from 1.4; I
> think my 1999-08-13 source tree has a pre-change struct statfs too.

If this is it, it's a bug. The syscalls should be versioned.

Jaromir
-- 
Jaromir Dolecek <jdolecek@NetBSD.org>      http://www.ics.muni.cz/~dolecek/
@@@@  Wanna a real operating system ? Go and get NetBSD, damn!  @@@@