[25513] in bugtraq
Re: ps under FreeBSD
daemon@ATHENA.MIT.EDU (Torbjorn Kristoffersen)
Mon May 20 18:12:46 2002
Date: Mon, 20 May 2002 04:29:37 +0200
From: Torbjorn Kristoffersen <sgt@digiweb.no>
To: bugtraq@securityfocus.com
Message-ID: <20020520042937.A475@digiweb.no>
In-Reply-To: <20020518204038.A41695@fremen.dhs.org>; from sirat@fremen.g0ds.org on Sat, May 18, 2002 at 08:40:38PM +0200
On Sat, May 18, 2002 at 08:40:38PM +0200, Jakub Filonik wrote:
> Hi,
> I was playing with ps on FreeBSD with kern.ps_showallprocs=0 and I was
> surprised when I saw that I may see info about a running process, if I
> know its ID.
>
> I think it may be seen as a bug. What do you think?
>

This is a known problem, see Problem Report kern/30608 at
http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/30608

This issue is fixed in Current, but not in FreeBSD 4.5-STABLE, etc.

By the way, I was thinking of the best way to view all the "hidden" processes at
the same time. Something similar to ''for i in $(jot 99999); do ps -u$i....''
is extremely slow and sometimes hangs my system.

Included is therefore a patch for ps.c in /usr/src/bin/ps to view all the
"hidden" processes (just a braindead hack, really..). Any normal user can
compile his own hacked 'ps'.

You could always traverse /proc instead, but cmdline and status give too little
info.

--
Torbjorn Kristoffersen <sgt@digiweb.no>
"Real programmers don't comment their code. It was hard to write, it
should be hard to understand."
Content-Disposition: attachment; filename="ps.c.diff"
--- /usr/src/bin/ps/ps.c Fri Feb 1 15:09:30 2002
+++ ps.c Mon May 20 04:04:47 2002
@@ -72,7 +72,8 @@
#include "ps.h"
#define SEP ", \t" /* username separators */
-
+#define PID_MAX 99999
+
KINFO *kinfo;
struct varent *vhead, *vtail;
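Review bot: The new PID_MAX define is a bare magic number with no comment and no guard. If any header pulled in above "ps.h" already defines PID_MAX, this line redefines it, and if the kernel's real upper bound ever differs from 99999 the scan silently misses PIDs. Wrap it in #ifndef PID_MAX / #endif and add a short comment saying it is the upper bound of the PID scan.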
@@ -287,6 +288,11 @@
}
}
#endif
+ all = 1;
+ parsefmt(ufmt);
+ termwidth = UNLIMITED;
+ fmt = 1;
+ xflg = 1;
/*
* Discard setgid privileges if not the running kernel so that bad
* guys can't print interesting stuff from kernel memory.
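Review bot: The five assignments added after #endif run unconditionally, so whatever the option parsing above set for all, fmt, xflg and termwidth is overwritten, and parsefmt(ufmt) is called even when an output format may already have been parsed from the command line. If this is meant to be more than a one-off hack, put the block behind its own option flag and skip parsefmt(ufmt) when fmt is already set.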
@@ -329,13 +335,14 @@
what = KERN_PROC_PID;
flag = pid;
} else {
- what = KERN_PROC_ALL;
+ what = KERN_PROC_PID;
flag = 0;
}
/*
* select procs
*/
- if ((kp = kvm_getprocs(kd, what, flag, &nentries)) == 0)
+ for(pid = 1; pid <= PID_MAX; pid++) {
+ if ((kp = kvm_getprocs(kd, what, pid, &nentries)) == 0)
errx(1, "%s", kvm_geterr(kd));
if ((kinfo = malloc(nentries * sizeof(*kinfo))) == NULL)
err(1, NULL);
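Review bot: Inside the new for loop, the unchanged errx(1, ...) on a zero return from kvm_getprocs() ends the whole program at the first PID whose lookup fails, so one failed lookup stops the scan instead of skipping that PID; use continue there, or distinguish a real kvm error from a PID that is simply absent. The loop also reuses pid as its counter, which discards the value the branch above stored with flag = pid, and flag is no longer passed to kvm_getprocs() at all, so a PID given on the command line is ignored. The loop body is not re-indented, which makes the new scope hard to see.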
@@ -349,16 +356,6 @@
sizevars();
/*
- * print header
- */
- printheader();
- if (nentries == 0)
- exit(1);
- /*
- * sort proc list
- */
- qsort(kinfo, nentries, sizeof(KINFO), pscomp);
- /*
* for each proc, call each variable output function.
*/
for (i = lineno = 0; i < nentries; i++) {
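Review bot: Deleting printheader() here leaves the output with no column header at all. Since this code now sits inside the per-PID loop, the call should move above the for loop so it prints once, not disappear. Dropping the qsort() is consistent with one lookup per iteration, but removing the nentries == 0 check together with exit(1) means an empty result can no longer be reported through the exit status; track whether any iteration produced an entry and set eval accordingly.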
@@ -385,8 +382,11 @@
lineno = 0;
}
}
- free(uids);
+
+ }
+ free(uids);
+ free(kinfo);
exit(eval);
}
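Review bot: free(kinfo) is placed after the closing brace of the for loop, but kinfo is allocated with malloc() on every iteration of that loop, so only the last allocation is released and each earlier one leaks, up to PID_MAX times. Move free(kinfo) inside the loop, just before the closing brace, or allocate a single buffer before the loop and reuse it. The lone closing brace would also read better indented to match the for statement it closes.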