Re: exported shell variables and scope
On Wed, Jul 25, 2001 at 04:44:39PM +0200, Wichert Akkerman wrote:
> Previously Marcus Brinkmann wrote:
> > Except in the Hurd, which has a msgport utility which can be used to frob
> > the process information of any process (assuming the privilege is granted).
> > msgport can get/set environment variables, change the root and working
> > directory, change the umask or mangle the file descriptor table.
>
> Please do tell me that is not possible unless a process explicitly allows
> others to do that to it.. otherwise Hurd will be a complete security
> nightmare I fear (ptrace is already bad enough).
>
Well, I wrote "assuming the privilege is granted". The rules when you
are allowed to do that or not are the same as the rules which determine
if you are allowed to send a signal to the process and change the process
authentification. Basically, you need to be the owner of the process.
I think root can change all processes.
Thanks,
Marcus
PS: I haven't actually verified that they are exactly the same. Maybe there
are some variations of the rules, but I am not aware of them, and can't think
of a reason why there should be.
Reply to: