Path: utzoo!utgpu!cs.utexas.edu!uunet!snorkelwacker.mit.edu!ai-lab!life.ai.mit.edu!friedman From: friedman@wookumz.ai.mit.edu (Noah Friedman) Newsgroups: alt.sources.d Subject: Re: Get a user's current directory Message-ID: Date: 23 Dec 90 07:04:09 GMT References: <1990Dec21.184617.8685@cs.widener.edu> Sender: news@ai.mit.edu Followup-To: alt.sources.d Organization: The Free Software Foundation Lines: 43 In-reply-to: brendan@CS.WIDENER.EDU's message of 21 Dec 90 18:46:17 GMT In article <1990Dec21.184617.8685@cs.widener.edu> brendan@CS.WIDENER.EDU (Brendan Kehoe) writes: > Towards even better system management, this will let you find out >what directories your users are sitting in. There's lots of room for >improvement (e.g. taking an argument of a pid or username), etc. >Anything you wanna do to it, feel free -- just send me a copy of >whatcha did. > >[other comments and source code for program deleted] I can't imagine why anyone would want to use this unless they are either incredibly nosy and have nothing better to do or they are so paranoid they should have their head examined. Better system management indeed. But for those of you who *are* simply nosy, there is (usually) an easier way to get the current working directory (or at least the original cwd) of any process. Most shells have a PWD variable which, if exported, you can examine using "ps wwe#pid" (or no # sign if you're using SunOS 4.1) where pid is a process id. Admittedly not all shells bother to export PWD. Csh is pretty stupid and does. Probably tcsh does too. Of course, even if your victim is using one of these shells, you can't see much of the environment for the login shell because any variables set by the shell aren't in its own environment proper - but they are exported to any child processes. As for looking for setuid programs, why not again use ps? I've found this tool to be adequate. I'll give the author credit for actually playing with the kvm libraries and kernel memory, as that was something I wanted to do early on in my exploration of unix. But by the time I had the necessary privileges I lost interest and the time to do it. Also, as Mr. Kehoe writes, the kvm library is not portable and your mileage will vary depending on your specific implementation (e.g. System V ps won't show you the environment strings for a process, as far as I know). I would not consider this program any more than a curiosity, and I plead with system administrators not to be more paranoid or security-conscious than necessary. --- Noah Friedman friedman@ai.mit.edu