On Fri, Sep 05, 2008 at 09:29:51PM -0500, Justin Dugger wrote:
On Fri, Sep 5, 2008 at 8:31 PM, Hal Duston [email protected] wrote:
the environment. All the program is doing is modifying the contents of argv[0] after making provision for the rest of the environment.
I wonder if ps has been evaluated for security. It's old enough that surely someone's thought of attacking scripts like that before. I'm sure there's a few scripts out there written to run 'ps' as root.
I'm not sure I follow. The application is modifying its own argv[0]. ps is reading /proc/<pid>/cmdline, and displaying it. Where is the risk? ps already has to be concerned about any indeterminate values being in /proc/<pid>/cmdline regardless of the fact that some random process can modify its own argv[0].
Thanks, -- Hal