On Wed, 12 Jul 1995, James W. Abendschan wrote: > Maybe I'm completely missing the point, but wouldn't this help? > > linux# chown root.kmem /proc > linux# chmod 750 /proc > > And then sgid kmem all the binaries that need /proc access: > > linux# chown root.kmem `which w` `which ps` `which top` (etc) > linux# chmod 2755 `which w` `which ps` `which top` (etc) > > This restricts ordinary users from wandering around in /proc, and > thus being able to access the "unclosed" files. > You are. The whole point of /proc is not only make things like ps, w, etc not to have to go looking into the kernel memeory but also to allow people easy access to information trough /proc. If we make it group kmem we might as well dump it and keep doing it the old way. /proc is a "Good Thing(tm)" just need to figure out the right perms for the right files. > James > > -- > James Abendschan jwa@nbs.nau.edu Will Hack For Food > <a href="http://www.nbs.nau.edu/~jwa">Zero Funk Kick</a> >