Mailinglist Archive: opensuse-security (81 mails)

< Previous Next >
Re: [suse-security] Intrusion spyware malware key stroke detection
  • From: Randall R Schulz <rschulz@xxxxxxxxx>
  • Date: Wed, 22 Feb 2006 08:31:17 -0800
  • Message-id: <200602220831.17904.rschulz@xxxxxxxxx>
Kendy,

On Wednesday 22 February 2006 08:05, Kendy Kutzner wrote:
> On 2006-02-22T07:44:23-0800, Randall R Schulz wrote:
> > There is no output from "ps" that's available to root only.
>
> There is. Normal users can't read the environment from others. ps
> option 'e' shows the environment.

Yes. I overlooked that.

When you think about it, it's odd that arguments are disclosed without
respect to user IDs but environment variable are not. It's rather
arbitrary and I can't think of a reason why arguments are considered
less sensitive than environment variables are.


> Kendy


Randall Schulz

< Previous Next >