friedman@wookumz.ai.mit.edu (Noah Friedman) (12/23/90)
In article <1990Dec21.184617.8685@cs.widener.edu> brendan@CS.WIDENER.EDU (Brendan Kehoe) writes: > Towards even better system management, this will let you find out >what directories your users are sitting in. There's lots of room for >improvement (e.g. taking an argument of a pid or username), etc. >Anything you wanna do to it, feel free -- just send me a copy of >whatcha did. > >[other comments and source code for program deleted] I can't imagine why anyone would want to use this unless they are either incredibly nosy and have nothing better to do or they are so paranoid they should have their head examined. Better system management indeed. But for those of you who *are* simply nosy, there is (usually) an easier way to get the current working directory (or at least the original cwd) of any process. Most shells have a PWD variable which, if exported, you can examine using "ps wwe#pid" (or no # sign if you're using SunOS 4.1) where pid is a process id. Admittedly not all shells bother to export PWD. Csh is pretty stupid and does. Probably tcsh does too. Of course, even if your victim is using one of these shells, you can't see much of the environment for the login shell because any variables set by the shell aren't in its own environment proper - but they are exported to any child processes. As for looking for setuid programs, why not again use ps? I've found this tool to be adequate. I'll give the author credit for actually playing with the kvm libraries and kernel memory, as that was something I wanted to do early on in my exploration of unix. But by the time I had the necessary privileges I lost interest and the time to do it. Also, as Mr. Kehoe writes, the kvm library is not portable and your mileage will vary depending on your specific implementation (e.g. System V ps won't show you the environment strings for a process, as far as I know). I would not consider this program any more than a curiosity, and I plead with system administrators not to be more paranoid or security-conscious than necessary. --- Noah Friedman friedman@ai.mit.edu
src@scuzzy.in-berlin.de (Heiko Blume) (12/24/90)
friedman@wookumz.ai.mit.edu (Noah Friedman) writes: >In article <1990Dec21.184617.8685@cs.widener.edu> brendan@CS.WIDENER.EDU (Brendan Kehoe) writes: >> Towards even better system management, this will let you find out >>what directories your users are sitting in. > I can't imagine why anyone would want to use this unless they are >either incredibly nosy and have nothing better to do or they are so >paranoid they should have their head examined. Better system >management indeed. there is a need for that indeed. if you have lots of file systems and users and you want to unmount one of the file systems for backup etc you might get (i.e.) '/usr/local busy'. unless you can find out who is using /usr/local you'll have fun asking all users to get off of it. -- Heiko Blume <-+-> src@scuzzy.in-berlin.de <-+-> (+49 30) 691 88 93 public source archive [HST V.42bis]: scuzzy Any ACU,f 38400 6919520 gin:--gin: nuucp sword: nuucp uucp scuzzy!/src/README /your/home