ps and wall; How do they work?
Conor P. Cahill
cpcahil at virtech.uucp
Fri Sep 14 10:04:02 AEST 1990
In article <27773 at pasteur.Berkeley.EDU> achoi at cory.Berkeley.EDU (CHOI ANDREW MAN-TAT) writes:
>
>1) How does 'ps' work? Where does it get the information about all
> the processes running on the system? I suspect it may have
It uses "/unix" (or whatever the kernel is named on your system) to get
the addresses of where the data is. Then it reads /dev/kmem (using the
addresses gotten from /unix) to get the data.
Throw in /dev, and /etc/passwd and there you go (i.e. ps then has all
the information it needs).
> I don't have read/write permission on /dev/kmem, how can
> 'ps' acquire the permission to read /dev/kmem? Is there a
> setuid program exec by 'ps' to get root access?
Do an ls -l of /bin/ps. It should be setuid or setgid (probably setgid).
>2) Even after I do 'mesg n' or 'chmod og-rx /dev/tty?', other
> users can still send me message through command 'wall',
> how come? Is there anyway to prevent 'wall' from sending the
> message?
Maybe they are running as super-user? Then they will have access to
the port no matter what you set the mode to.
Wall is only supposed to be used for important system messages
(like "system is going down in 10 seconds") so you shouldn't be
getting to many of them.
--
Conor P. Cahill (703)430-9247 Virtual Technologies, Inc.,
uunet!virtech!cpcahil 46030 Manekin Plaza, Suite 160
Sterling, VA 22170
More information about the Comp.unix.questions
mailing list