Bugtraq: Re: ps information leak in FreeBSD

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: ps information leak in FreeBSD

From: Sean Kelly <smkelly () zombie org>
Date: Mon, 6 Jan 2003 15:19:36 -0600

On Sun, Jan 05, 2003 at 08:46:50PM +0000, Cache wrote:

[cache () silent][ttyv1] ~> sysctl -a | grep show
kern.ps_showallprocs: 0
[cache () silent][ttyv1] ~> ps -auxwwwp 101
USER   PID %CPU %MEM   VSZ  RSS  TT  STAT STARTED      TIME COMMAND
root   101  0,0  0,2  1020  740  ??  Is    0:12     0:00,01 /usr/sbin/cron


I've been aware of this problem for a long time, and in fact I made a patch
against 4.6-STABLE which can be applied to correct it. I am not sure how
portable it will be to 4.7-STABLE, but I imagine it would work.

Please see the relevent FreeBSD PR:
http://www.FreeBSD.org/cgi/query-pr.cgi?pr=kern/42065

-- 
Sean Kelly         | PGP KeyID: D2E5E296
smkelly () zombie org | http://www.zombie.org

Attachment: _bin
Description:

By Date By Thread

Current thread:

ps information leak in FreeBSD Cache (Jan 06)
- Re: ps information leak in FreeBSD Sean Kelly (Jan 06)
- Re: ps information leak in FreeBSD Jez Hancock (Jan 21)
  - Re: ps information leak in FreeBSD Sean Kelly (Jan 08)
  - Re: ps information leak in FreeBSD Crist J. Clark (Jan 21)
    - Re: ps information leak in FreeBSD Damien Miller (Jan 09)
    - Re: ps information leak in FreeBSD David M. Wilson (Jan 15)