[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ps(1) exposes enviroment

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: ps(1) exposes enviroment
From: Wojciech Scigala <vvk_(_at_)_arkanet_(_dot_)_trzepak_(_dot_)_pl>
Date: Tue, 11 Sep 2001 01:27:17 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

ps(1) called with 'e' argument shows enviroment variables of
processes. It's proper and well documented behaviour, but I can't
understand how it makes sense - enviroment is often used by
applications to hold passwords or other sensitive data, and so it
should not be exposed to other users. I can't see any good reason
for an user to see others' enviroment - or even whole process list.

So please, our dear developers, argue why one's enviroment has to be
exposed to others. Maybe it's only historical reason?

-- 
Wojtuś.net                 __|__
Fidonet: 2:484/47   `--------o--------'

Follow-Ups:
- Re: ps(1) exposes enviroment
  - From: Sebastian Stark

Prev by Date: Re: setting up router
Next by Date: Re: /bin/sh on /etc/rc terminated
Previous by thread: "make build" for openbsd 2.8 fails (ssh-keygen)
Next by thread: Re: ps(1) exposes enviroment
Index(es):
- Date
- Thread

Visit your host, monkey.org