[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] Intrusion spyware malware key stroke detection



Kendy,

On Wednesday 22 February 2006 08:05, Kendy Kutzner wrote:
> On 2006-02-22T07:44:23-0800, Randall R Schulz wrote:
> > There is no output from "ps" that's available to root only.
>
> There is. Normal users can't read the environment from others. ps
> option 'e' shows the environment.

Yes. I overlooked that.

When you think about it, it's odd that arguments are disclosed without 
respect to user IDs but environment variable are not. It's rather 
arbitrary and I can't think of a reason why arguments are considered 
less sensitive than environment variables are.


> Kendy


Randall Schulz

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here