Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.1 6/24/83; site utah-gr.UUCP Path: utzoo!watmath!clyde!burl!ulysses!allegra!mit-eddie!think!harvard!seismo!utah-cs!utah-gr!thomas From: thomas@utah-gr.UUCP (Spencer W. Thomas) Newsgroups: net.sources.bugs Subject: Re: SPS - a useful replacement for ps(1) (but....) Message-ID: <1506@utah-gr.UUCP> Date: Wed, 10-Jul-85 16:57:31 EDT Article-I.D.: utah-gr.1506 Posted: Wed Jul 10 16:57:31 1985 Date-Received: Fri, 12-Jul-85 03:28:59 EDT References: <121@hslrswi.UUCP> <2288@flame.warwick.UUCP> Reply-To: thomas@utah-gr.UUCP (Spencer W. Thomas) Organization: Univ of Utah CS Dept Lines: 15 In article <2288@flame.warwick.UUCP> kay@warwick.UUCP (Kay Dekker) writes: >>This also means that sps need not be a setuid program. > >*Need* not, admittedly: however, that means that /dev/drum, /dev/mem and >/dev/kmem all need to be generally readable. And I seem to remember that >that wouldn't be a good idea ... or am I wrong? You can take the solution we have used for some time -- make /dev/drum, ... readable by a special group (we call it MEM), but not by the general public. Then, make ps, pstat, ... setGID to MEM. -- =Spencer ({ihnp4,decvax}!utah-cs!thomas, thomas@utah-cs.ARPA) "You don't get to choose how you're going to die. Or when. You can only decide how you're going to live." Joan Baez