Subject: ps -e
To: None <tech-security@NetBSD.ORG>
From: Dave Sainty <>
List: tech-security
Date: 12/04/1999 11:39:10
  by with SMTP; 3 Dec 1999 22:41:40 -0000
  by with SMTP; 3 Dec 1999 22:41:31 -0000
  by with SMTP; 3 Dec 1999 22:39:10 -0000
To: tech-security@NetBSD.ORG
Subject: ps -e
Date: Sat, 04 Dec 1999 11:39:10 +1300
From: Dave Sainty <>

<< Also sent to current-users + Simon >>

Simon Burge writes:

> Module Name:	basesrc
> Committed By:	simonb
> Date:		Fri Dec  3 02:16:42 UTC 1999
> Modified Files:
> 	basesrc/bin/ps: extern.h print.c ps.1 ps.c
> Log Message:
> "ps -e" only shows the environment for the processes owned by the
> current user id or all process if run by root.
> Fixes PR security/5967 from Todd Vierling.

Sometimes -e on other users processes is useful in the same way that
using ps to see other users processes is (command line arguments etc).

This seems rather a half-hearted change (why not make other peoples
command lines/processes unviewable too?), and given that the
environment has historically been viewable, no-one should consider it
secure anyway.

It seems to me to be hard to justify breaking this feature...