Subject: Re: ps ax availability for non-root
To: Joseph Mallett <jmallett@newgold.net>
From: Darren Reed <darrenr@reed.wattle.id.au>
List: tech-kern
Date: 04/13/2001 23:36:13
In some email I received from Joseph Mallett, sie wrote:
> Maybe depending on the securelevel, i.e. -1, 0, 1, 2, availability of
> things like top, ps, etc. to non-root should be negated or enabled?
> 
> Why would one do this anyway? the only reasoin I point out the above is it
> doesn't add a new sysctl variable, and would build upon exisiting ideas if
> such a thing is needed (which I doubt).

I think you've missed the point previously made.

The information supplied to all of these utilities comes via a system call
that is made as non-root.  If there is to be any real impact, the information
returned via sysctl needs to be controlled, not applications.

That aside, I don't believe that securelevel should control this behaviour.

Darren