Permissions on ps
Dan Nelson
dnelson at allantgroup.com
Tue Jun 7 05:05:33 GMT 2005
In the last episode (Jun 06), Midnight Oil said:
> I'm having difficulty understanding just how it is a regular with
> simple priviliges is able to run ps.
>
> ps accesses /dev/kmem to get a process list.
No, ps uses the kvm_getprocs library function, which by default uses
the sysctl kern.proc.all to get the process list. You can force it to
use /dev/kmem with the -M and -N commandline flags, but those are
usually used to debug crashdumps, not live systems.
--
Dan Nelson
dnelson at allantgroup.com
More information about the freebsd-questions
mailing list