[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fw: [ale] proc

Subject: Fw: [ale] proc
From: metroboy at sprynet.com (MetroBoy)
Date: Wed, 23 Jun 1999 22:42:51 -0400

> show)Everything. As it swaps processes in and out it must have ready
> access to variables and info. Voila /proc. The numbered files
> (directories) corespond to the open processes. Interestingly, it does
> not really take up space; hence the zero sized entries. So removing it
> won't save you any. They exist in ram and the CPU itself. You can cat
> them to read them and 'cat <file >/proc/somentry is the equivalent of
> the old Applesoft poke command. (not to be used lightly however).
>
> Some programs read them directly. For example, route or netstat. After
a
> while you will be able to read them too if you look at them.

This sounds like a security violation if one user's processes can read
data from another user's processes by just looking at the virtual
memory.  Yesterday I was reading about a feature/bug/app/Trojan in
Multics that used this technique to bypass security.

What am I missing here, besides a clue?

Ed

Prev by Date: [ale] still cant connect to bellsouth
Next by Date: [ale] still cant connect to bellsouth
Previous by thread: [ale] proc
Next by thread: [ale] Problem with using dhcp and cable modem
Index(es):
- Date
- Thread