Not all versions of Unix hide the contents of a user's environment from other users. On Solaris, for example, /usr/ucb/ps -augxwwwe will show you other users' processes' environment variables.

Interesting... even when not run as root, and the process belongs to another user? I mean... on linux, ps can list environment, but only of processes which the executing user has privelege over. And the reason, fundamentally, is that the O/S just doesn't give out that information. The /proc filesystem and the ps command are just different means of accessing it.

I guess one thing that could explain that is if the ps binary was setuid root. But that would indicate frighteningly bad systems administration.

I'd actually be kind of surprised (but I could believe still it) that solaris has less security partitioning than linux.


------------
:Wq
Not an editor command: Wq

Even when not run as root and the process belongs to another user.

The /usr/ucb/ps command is SetUID root, as you suggest (well, it's a wrapper for a SetUID program). In traditional Unix, ps was always SetUID root, as it read process structures directly from kernel memory. It's only in more modern Unices with /proc that it doesn't need to be, but for some reason on Solaris it still is.

To be fair, /usr/ucb/ps is a SunOS 4 compatibility-mode program, and doesn't have to be installed. I couldn't find a way to look at a process's environment with the /bin/ps, but regardless it's not safe to assume nobody else can look at your environment.