Subject: Re: confidential PRs that should be resolved before 1.4 ships
To: Simon Burge <simonb@NetBSD.ORG>
From: Darren Reed <darrenr@reed.wattle.id.au>
List: tech-security
Date: 04/28/1999 11:58:35

In some email I received from Simon Burge, sie wrote:
>
> Darren Reed wrote:
>
> > > I'm not so keen on having ps no longer list others' processes, but
> > > others' process args is a definite issue. (it's the same as the
> > > environment, really.)
> >
> > "ps -aewww" is your friend when you're an uber-hacker keeping track
> > of who's who on the system :)
> >
> > I think removing process args from display is going perhaps too far ?
>
> As I said in a separate email, "root" should always be able to see
> everything.

I'll mull that one over. I'm very used to being able to "ps ax" and
see everything - root or not - and it would be inconveniencing to have
to be root but at the same time I can see its place. Going further,
should it even be able to list processes for other users or is not
providing that information just being silly given what /proc provides
anyway ?

However, is sysctl the correct way to control this behaviour ? Why should
application controls be stored in the kernel ? That is if we wanted it to
be changeable from run-time rather than compile-time...

Why not a file in /etc or even a directory with files controlling this
and other features ? Similar to Solaris' /etc/default/*...

Darren

p.s. I moved this to tech-security...