Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!sdd.hp.com!think.com!mintaka!bloom-beacon!vaxeline!vax.ftp.com!towfiq From: towfiq@FTP.COM (Mark Towfiq) Newsgroups: comp.unix.questions Subject: Re: command line shown by ps Message-ID: Date: 21 Feb 91 16:20:18 GMT References: Sender: news@vaxeline.COM Reply-To: towfiq@FTP.COM Followup-To: comp.unix.questions Organization: FTP Software, Inc., Wakefield, MA Lines: 27 In-reply-to: jockc@hammer.idsila.com's message of 20 Feb 91 18:35:37 GMT In article jockc@hammer.idsila.com (PRIV Account) writes: How can a process change or obscure the command line that ps (and other programs like w or whodo) show for it? This could obviously be desirable for security reasons, but also for informational purposes. For example, when a program forks a child process to do something, the child proc might want to change its "command line" (what ps shows, which by now probably has little meaning) to something more descriptive of what its doing. Amazingly, the situation you describe and the reasons for it are exactly the ones met by the setproctitle() call in sendmail. When it forks a child, the child describes its current status by munging its argv array. This does not work on all systems, as you suggest (such as ones which malloc() argv entries and expect them not to be clobbered) but most BSD-type systems can handle it. Check out the source for sendmail, obtainable from many many anonymous FTP hosts (such as uunet.uu.net or ucbvax.berkeley.edu). Hope this helps. -- Mark Towfiq, FTP Software, Inc. towfiq@FTP.COM Work No.: +1 617 246 0900 Home No.: +1 617 488 2818 "The Earth is but One Country, and Mankind its Citizens" -- Baha'u'llah