On Sun, Sep 07, 2003 at 02:29:25PM -0400, kpneal@pobox.com wrote:
> Moved to tech-kern because my question has nothing to do with
> source commits in progress.
> 
> On Sat, Sep 06, 2003 at 08:14:40PM +0100, David Laight wrote:
> > Of course, if you can read /dev/mem you can find the current state.
> 
> Say, why do we need /dev/kmem and /dev/mem these days? Are they
> still needed for ps and friends? X11 device drivers?

ps doesn't but there are still programs that think it is a good idea
to trawl trough kmem to find data.

> Wouldn't we be better off security-wise without them? 

yes.

> Would it be reasonable to make them optional?

Might be interesting to see just how much doesn't work :-)

No stats from ipf, not sure about top, vmstat, much of systat, some
brain-dead tcp utilities that grovel out tcp sequence numbers....

	David

-- 
David Laight: david@l8s.co.uk