ps and wall; How do they work?
Craig Harmer
craig at veritas.uucp
Wed Sep 26 17:36:31 AEST 1990
In article <27773 at pasteur.Berkeley.EDU> achoi at cory.Berkeley.EDU (CHOI ANDREW MAN-TAT) writes:
...
>
>I have the following 2 questions about command 'ps' and 'wall':
>
>1) How does 'ps' work? Where does it get the information about all
> the processes running on the system? I suspect it may have
> something to do with /dev/kmem (Kernel Memory); however, since
> I don't have read/write permission on /dev/kmem, how can
> 'ps' acquire the permission to read /dev/kmem? Is there a
> setuid program exec by 'ps' to get root access?
yes, i reads /dev/kmem (kernel memory) to get the information. ps
is generally setuid root, or (more intelligently) setgid sys
(or whatever is relevant to your machine). when ps is executed,
it runs with an "effective" group id of (see the setuid(2) man
page).
>2) Even after I do 'mesg n' or 'chmod og-rx /dev/tty?', other
> users can still send me message through command 'wall',
> how come? Is there anyway to prevent 'wall' from sending the
> message?
root can always write to your terminal; one of the priviledges
of being root is having write permission on all files (including
special files, like /dev/tty). "mesg n" or "chmod 0600 /dev/tty??"
should prevent other people from writing to your tty.
--
{apple,pyramid,amdahl}!veritas!craig craig at hoser.veritas.com
(415) 626-6827 (h) (408) 433-5588 x220 (w)
[views expressed above shouldn't be taken as
Veritas' views, or your views or even as my views]
More information about the Comp.unix.internals
mailing list