Re: Process hiding from ps? (follow-up)

Alex Buell (alex.buell@tahallah.demon.co.uk)
Sat, 21 Aug 1999 20:28:23 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Mike: "Re: Ext2fs speed ups"
Previous message: Matthew Wilcox: "Re: Problems in 2.2.11?"

On Sat, 21 Aug 1999, Alex Buell wrote:

> I think this is a potential security problem as someone might easily
> misuse this to hide a 'malicious' program, and you would not be able
> to identify it so easily using ps.

As a follow-up, it seems it is a stupidity on the part of ps (I will send
a report to the ps mantainer shortly) in that ps trusts /proc/pid/cmdline,
ignoring the string in /proc/pid/stat (which is _not_ zeroed).

Thanks, Mark Hahn.

Cheers,
Alex

Legalise cannabis today!

http://www.tahallah.demon.co.uk

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Mike: "Re: Ext2fs speed ups"
Previous message: Matthew Wilcox: "Re: Problems in 2.2.11?"