ps and wall; How do they work?
Doug Gwyn
gwyn at smoke.BRL.MIL
Fri Sep 14 07:39:10 AEST 1990
In article <27773 at pasteur.Berkeley.EDU> achoi at cory.Berkeley.EDU (CHOI ANDREW MAN-TAT) writes:
>1) How does 'ps' work? Where does it get the information about all
> the processes running on the system? I suspect it may have
> something to do with /dev/kmem (Kernel Memory);
Yes, the information about process state is typically obtained by directly
rummaging around in the kernel's process tables.
> however, since
> I don't have read/write permission on /dev/kmem, how can
> 'ps' acquire the permission to read /dev/kmem? Is there a
> setuid program exec by 'ps' to get root access?
"ps" should be installed set-GID and belong to a group such as
"memory" that has read permission on /dev/kmem.
>2) Even after I do 'mesg n' or 'chmod og-rx /dev/tty?', other
> users can still send me message through command 'wall',
> how come? Is there anyway to prevent 'wall' from sending the
> message?
Any version of "wall" that writes on terminals that have had "mesg n"
executed on them is BROKEN. You can fix that by removing /bin/wall.
More information about the Comp.unix.questions
mailing list