Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84 exptools; site whuxl.UUCP
Path: utzoo!watmath!clyde!cbosgd!ihnp4!houxm!whuxl!mike
From: mike@whuxl.UUCP (BALDWIN)
Newsgroups: net.unix-wizards
Subject: Re: ps problem (watch out)
Message-ID: <706@whuxl.UUCP>
Date: Mon, 16-Sep-85 20:15:48 EDT
Article-I.D.: whuxl.706
Posted: Mon Sep 16 20:15:48 1985
Date-Received: Wed, 18-Sep-85 02:28:44 EDT
References: <845@burl.UUCP> <783@lsuc.UUCP> <1530@umcp-cs.UUCP>
Organization: AT&T Bell Laboratories, Whippany
Lines: 26

> Actually, ``ps'' and other kernel-grubbers should generally be
> setgid (not setuid) to a special group that can read the appropriate
> files.

But you have to be careful:  most ps's let you specify which namelist,
swap, and core files to open (-n,-s,-c in SV), and you don't want to
open them with gid sys.  Theoretically, you can munge up a fake core
file or namelist that would let you read parts of sys files you shouldn't
(i.e., the clists from /dev/kmem).  And it's worse: if ANY of the
files are user specified, don't open ANY of the files with gid sys!
This could be annoying for a user wanting to use, say, /OLDunix for a
namelist when an old version is booted, but again, with lots of
tomfoolery you can rig up a namelist to read parts of /dev/kmem you
shouldn't.

> I have a question, though: is SysV's /dev/swap somehow different
> from 4.xBSD's /dev/drum?  If not, the suggestion given here
> (approximately ``ln /dev/fuji /dev/swap'') won't work.

Here (SVR2), /dev/swap has the same maj,min as /dev/dsk/0s0, so it's
not a pseudo-device like /dev/drum.  I don't know how the paging
release uses /dev/swap.
-- 
						Michael Baldwin
						AT&T Bell Labs
						{at&t}!whuxl!mike


Brought to you by Super Global Mega Corp .com