Re: 1.2.11 and 1.3.2+ breaks ps

Ian Jackson (iwj10@cus.cam.ac.uk)
Tue, 18 Jul 95 02:43 BST


Marek Michalkiewicz writes ("1.2.11 and 1.3.2+ breaks ps"):
> It is good that 1.2.11 fixes /proc security problems. But many people
> don't like another change made in this version as well as in 1.3.2.
> In previous versions (up to 1.2.10 and 1.3.1) ps always displayed the
> effective uid of the process. Now it displays the real uid.

There is a good reason for this change: it makes pidentd work
correctly for rsh connections. Otherwise pidentd would always return
`root'.

> This trivial change causes ps to show ftpd running as root (since it
> has real uid 0). I'm not sure if everyone will like it. I think in
> 1.2.xx we should keep things working the way they always did, and only
> make changes which are necessary to fix bugs.

It seems to me that the real fixes are one or both of:
* Add an extra euid field to /proc/<nnn>/stat and let ps display it
  (optionally perhaps)
* Change ftpd to use saved-setuid rather than setting its real uid
  to 0. For this we really need setresuid, which Linux doesn't have.

Ian.
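
Added example, not part of the original message: current Linux kernels expose a `Uid:` line in /proc/<pid>/status with the real, effective, saved and filesystem uids, so a tool can inspect all of them rather than displaying only one. The sketch below parses that line from constructed sample text (the process names, pids and uid 1000 are assumptions) and flags a process whose effective uid is non-root but which can still regain root through its real or saved uid, which is the ftpd situation discussed above.

```python
from typing import NamedTuple

class Uids(NamedTuple):
    real: int
    effective: int
    saved: int
    fs: int

def parse_uids(status_text: str) -> Uids:
    """Extract the four uids from the text of a /proc/<pid>/status file."""
    for line in status_text.splitlines():
        if line.startswith("Uid:"):
            fields = line.split()[1:]
            if len(fields) != 4:
                raise ValueError(f"malformed Uid line: {line!r}")
            return Uids(*(int(f) for f in fields))
    raise ValueError("no Uid line found")

def classify(u: Uids) -> str:
    """Say what a single-uid display (real OR effective) would hide."""
    if u.effective == 0:
        return "root"
    # An unprivileged process may set its euid to its real or saved uid,
    # so a zero in either one means root can be regained.
    if u.real == 0 or u.saved == 0:
        return "can-regain-root"
    return "unprivileged"

# Constructed samples (not captured from a real system).
# ftpd as described in the thread: real uid 0, effective uid of the user.
FTPD_REAL_ROOT = "Name:\tftpd\nPid:\t412\nUid:\t0\t1000\t0\t1000\n"
# ftpd using the saved uid instead of the real uid to keep root available.
FTPD_SAVED_ROOT = "Name:\tftpd\nPid:\t413\nUid:\t1000\t1000\t0\t1000\n"
# A process that has dropped root in all uid fields.
DROPPED = "Name:\tsh\nPid:\t500\nUid:\t1000\t1000\t1000\t1000\n"

def report(samples):
    """Return (real, effective, verdict) for each status text."""
    out = []
    for text in samples:
        u = parse_uids(text)
        out.append((u.real, u.effective, classify(u)))
    return out

if __name__ == "__main__":
    for row in report([FTPD_REAL_ROOT, FTPD_SAVED_ROOT, DROPPED]):
        print("real=%d effective=%d -> %s" % row)
```

In the second sample neither the real nor the effective uid is 0, so the retained privilege is visible only in the saved-uid field.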