From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-dev+bounces-30004-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1Jcg2z-0004Op-Dt
	for garchives@archives.gentoo.org; Fri, 21 Mar 2008 12:08:33 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id F1E0EE0D77;
	Fri, 21 Mar 2008 12:08:31 +0000 (UTC)
Received: from mail.marples.name (rsm.demon.co.uk [80.177.111.50])
	by pigeon.gentoo.org (Postfix) with ESMTP id C2579E0D77
	for <gentoo-dev@lists.gentoo.org>; Fri, 21 Mar 2008 12:08:31 +0000 (UTC)
Received: from uberpc.marples.name (uberpc.marples.name [10.73.1.30])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.marples.name (Postfix) with ESMTP id 4289D19006C
	for <gentoo-dev@lists.gentoo.org>; Fri, 21 Mar 2008 12:08:31 +0000 (GMT)
From: Roy Marples <roy@marples.name>
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] Testing to see if services have crashed on  hardened
Date: Fri, 21 Mar 2008 12:08:30 +0000
User-Agent: KMail/1.9.7
References: <200803211020.45551.roy@marples.name> <1206096252.31941.19.camel@nc.nor.wtbts.org>
In-Reply-To: <1206096252.31941.19.camel@nc.nor.wtbts.org>
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain;
  charset="utf-8"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
Message-Id: <200803211208.30919.roy@marples.name>
X-Archives-Salt: 86b0924f-9f77-4937-9f05-2c00392939c2
X-Archives-Hash: 2bd08332f0b055a815273060557898e3

On Friday 21 March 2008 10:44:12 Natanael Copa wrote:
> err... run rc-status as root?
>
> I mean if you are not supposed to see if a process is running or not as
> normal user, then hardned is doin it's job when does not allow rc-status
> to show this info to the unprivileged user.
>
> if (!HARDENED || (HARDENED && euid=0) {
> 	/* show if process is running or not */
> }

Ideally I'd like a runtime catch rather than a define for this though, but 
that's probably the best idea thus far.

Thanks

Roy
-- 
gentoo-dev@lists.gentoo.org mailing list