cancel
Showing results for 
Search instead for 
Did you mean: 

PS Command

Anoopkumarp
Advisor

PS Command

Hi experts,

 

I need a small help ,

 

 

We had a recent requirement from apps team to replace the default PS command to their custom script ,This is to filter the password which is displaying in the PS command output .The action plan is ,

 

 

(a)    Move original ps process into ps-org

(b)   Change the permission to ps-org  using chmod 700 ps-org,  so that no one else except root can run original ps

(c)    Use above attached script as ps and change the owner and group for this customized ps as root/root.

(d)   Do the setuid for the customized ps using chmod  u+s ps,  so that it can execute original ps but do the customized work.

 

Finally we will have following permissions:

-rwsr-sr-x  1 root root     358   Sep  22  20:26   ps

-rwx------   1 root root 79004   Mar 30  2010    ps-org

 

This will be the new PS command

 

#!/usr/bin/perl -U

$arg = $ARGV[0];

# remove the possibility of any other command
$arg =~ s/;//g;
$arg =~ s/`//g;
$arg =~ s/\n//g;

$command = "ps-org $arg";

@result = `$command`;

foreach $line (@result){
   if( $line =~ /(.*)xxxx_admin(.*)/ ){
      # do not display the password
      $line = "$1 xxx_admin -p *******\n";
   }
   print "$line";
}

 

Is there any harm in doing so? Will it affect the system perf or booting sequence.?

Thanks

Anoop

1 REPLY
Dennis Handly
Acclaimed Contributor

Re: ps command (filtering)

>-rwx------   1 root root 79004   Mar 30  2010    ps-org

 

This shouldn't be writable.

 

>$command = "ps-org $arg";

 

This should have the absolute path.

 

>Will it affect the system perf or booting sequence?

 

Not sure, you'll have to try it.   Does the filtering part work?

You do know that ps(1) isn't special and that a user can write a program to get this info.