04-10-2007 03:24 AM
04-10-2007 04:02 AM
04-10-2007 04:23 AM
04-10-2007 05:15 AM
What is the real problem you are trying to solve?
When you get those ENV variables... what do yo intent to do with them?
Maybe there is a better way than looking over the process shoulder. Maybe you can one can ask nicely.
04-10-2007 05:20 AM
Just for clarity there is no excesive (unsafe) priv on Linux for accessing info via procfs. it's a pseudo filesystem and is used exactly for the purpose(s) that Naoum used it.
04-10-2007 03:53 PM
04-11-2007 01:57 AM
Thanks a lot guys.
04-11-2007 02:26 AM
but how about parsing the listener process from the proc table.
Most of the times it should enclose the ORACLE_HOME up to bin in its (ps) args.
# UNIX95= ps -u oracle -x -o args|grep tns
/app/oracle/product/9.2.0/bin/tnslsnr l_alma -inherit
@Hein "how can one create a truly secure environment?"
The Linux folks have come up with an abundance of possible solutions.
To name but a few
SELinux, AppArmor, VServer, Xen, User Mode Linux
or from BSD take jails etc., etc.
The /proc filesystem is a true boon that on Linux'es that don't use any of the above separations or mandatory access controls
that I sometimes miss on HP-UX.
04-11-2007 03:10 AM
In Linux, much detailed information is available at /proc/
In particular, the environment file /proc/
$ ls -l /proc/1/environ
-r-------- 1 root root 0 2007-04-11 17:52 /proc/1/environ
$ ls -l /proc/11882/environ
-r-------- 1 mkurkela mkurkela 0 2007-04-11 17:56 /proc/11882/environ
$ cat /proc/1/environ
cat: /proc/1/environ: Permission denied
(Process 11882 in the example above is my current shell. Process 1 is init, of course.)
As /proc is a virtual filesystem, these file permissions are automatically generated whenever someone tries to read the files/directories under /proc. So the permissions can't really be changed to cause security breaches.
So now we know that the original perl script on Linux was either run as the same user than the interesting process, or run as root.
04-11-2007 04:21 AM
Please take a moment to assign points to those who have taken the time to assist you. Here's how: