Subject: ps -e
To: None <tech-security@NetBSD.ORG>
From: Dave Sainty <dave@dtsp.co.nz>
List: tech-security
Date: 12/04/1999 11:39:10
  by redmail.netbsd.org with SMTP; 3 Dec 1999 22:41:40 -0000
  by caesar.sai.dtsp.co.nz with SMTP; 3 Dec 1999 22:41:31 -0000
  by tequila.dave.dtsp.co.nz with SMTP; 3 Dec 1999 22:39:10 -0000
To: tech-security@NetBSD.ORG
Subject: ps -e
 s!52iF{}"OR9bmoP<zcZE)p<ywANjTYo2)m[aVsS\z:sHfNy/FVh=0CZp15]]UJwc=+=(Ht!gecYQ.
 cylM}.EUWSWIE8LL<Xk~:GyFzN^Q^$)o#Y:W3vD)z?sybSE.`UNk%!r{PonNeAe{NxEj+qEN8spzrD
 @OT/YETE{!~`n}oHb"%{mE4NHReDp0*#Hu8VKG9H49*tjHg6eU73c
Date: Sat, 04 Dec 1999 11:39:10 +1300
From: Dave Sainty <dave@dtsp.co.nz>

<< Also sent to current-users + Simon >>

Simon Burge writes:

> Module Name:	basesrc
> Committed By:	simonb
> Date:		Fri Dec  3 02:16:42 UTC 1999
> 
> Modified Files:
> 	basesrc/bin/ps: extern.h print.c ps.1 ps.c
> 
> Log Message:
> "ps -e" only shows the environment for the processes owned by the
> current user id or all process if run by root.
> 
> Fixes PR security/5967 from Todd Vierling.

Sometimes -e on other users processes is useful in the same way that
using ps to see other users processes is (command line arguments etc).

This seems rather a half-hearted change (why not make other peoples
command lines/processes unviewable too?), and given that the
environment has historically been viewable, no-one should consider it
secure anyway.

It seems to me to be hard to justify breaking this feature...

Cheers,

Dave