kvm_openfiles(3) manual page and procfs

Brooks Davis brooks at one-eyed-alien.net
Wed Jul 9 15:04:52 UTC 2003


On Wed, Jul 09, 2003 at 01:40:35PM +0200, Vivenzio Pagliari wrote:
> 
> First I read somewhere (unfortunately I cannot remember where), that
> procfs is deprecated for getting information from and should not be used
> because it is not secure. My question here is: Is this statement correct and
> if yes, why isn't procfs secure? (This question is somewhat off-topic for
> freebsd-doc, but maybe someone can tell me ?!)

We've deprecated it because it has been a major source of kernel
vulnerabilities in the past and it's very difficult to get right.

> Looking at some documentation and the sources of the ps program,
> I've realized that the kvm_* familiy of functions serves this purpose in
> FreeBSD.
> 
> In the ps source, I've noticed, that "/dev/null" is used for the first two
> parameters of kvm_openfiles (the execfile and corefile arguments).
> But this is not documented in the man page, which rather suggests to
> use NULL or a kernel image as execfile and /dev/mem or dev/kmem
> or NULL for corefile. Shoudn't the usage of "/dev/null" be documented
> as well?

I'd say it should be documented or the examples in existing code should
be removed.  If you submit a patch documenting it, someone would
probably commit it.

-- Brooks

-- 
Any statement of the form "X is the one, true Y" is FALSE.
PGP fingerprint 655D 519C 26A7 82E7 2529  9BF0 5D8E 8BE9 F238 1AD4
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-doc/attachments/20030709/5c6ac77c/attachment.sig>


More information about the freebsd-doc mailing list