Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Wmmon under FreeBSD
From: woods () MOST WEIRD COM (Greg A. Woods)
Date: Wed, 29 Dec 1999 12:05:51 -0500

[ On Friday, December 24, 1999 at 20:27:01 (+0000), Dominic Mitchell wrote: ]
Subject: Re: Wmmon under FreeBSD

Under modern BSD4.4, the preferred method is using sysctl(3),(8), as
opposed to kernfs.

That's not completely true and misses the bigger picture entirely.

According to McKusick, Bostic, Karels, and Quarterman the "sysctl()"
interface is indeed designed to resolve the problems associated with
giving read, and especially write access to all of /dev/kmem (even if
through a set-user-id program that restricts what any given user can see
or do for any given purpose).

However the primary use sysctl(2) is actually put to in 4.4BSD is for
accessing information about networking protocols, and for allowing
user-level programs to write to kernel data structures (and thus affect
run-time configuration changes) after the security level of the kernel
has been raised such that writes to /dev/kmem are impossible.

If indeed sysctl(2) had been intented as the primary interace to all
kernel memory structures however they would not have implemented /kernfs
and /procfs.  Note that no mention is ever made of ever using sysctl()
to implement utilities such as "ps".

In later analysis it has become obvious to many people that even though
sysctl() provides a hierarchical namespace, it isn't quite as useful as
it would be if it were actually a virtual filesystem providing not only
a hierarchical namespsace, but all of the other semantics of a
filesystem as well.

Indeed many other systems have gone on to show that a true virtual
filesystem interface to kernel subsystems has many advantages over even
a sysctl()-like interface that's restricted to binary programs and
perhaps a single, but hopefully generic, user-level interface tool.

                                                        Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods () acm org>      <robohack!woods>
Planix, Inc. <woods () planix com>; Secrets of the Weird <woods () weird com>

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]