Subject: Re: ps vs /proc
To: None <current-users@netbsd.org>
From: Jaromir Dolecek <dolecek@ics.muni.cz>
List: current-users
Date: 02/22/2000 16:40:57
der Mouse wrote:
> It did. f_flags turned into f_oflags, with f_flags changing from a
> short to a long (thereby growing the struct).
Oh. The syscalls were not versioned ?!?
> Does it matter? Why not use it anyway? If not having evidence it's a
> procfs really bothers you, then print a warning that if it isn't really
> a procfs there then the output is meaningless....
>
> Offhand, I'd say that if it has a curproc link that readlink()s to the
> current PID in decimal, it's close enough to be worth attempting.
Well, I am no security guy. But what if a bad person mounts something over
/proc/<his/her_proces_pid> - even if (s)he would not cause anything really
dangerous, (s)he would be able to trick ps to print something what is not true
(or crash).
> > How old is your userland ?
>
> Anything from before the struct statfs change will do. :) On the
> system I noticed this on, I think most of userland dates from 1.4; I
> think my 1999-08-13 source tree has a pre-change struct statfs too.
If this is it, it's a bug. The syscalls should be versioned.
Jaromir
--
Jaromir Dolecek <jdolecek@NetBSD.org> http://www.ics.muni.cz/~dolecek/
@@@@ Wanna a real operating system ? Go and get NetBSD, damn! @@@@