also sprach b...@bc-bd.org <b...@bc-bd.org> [2010.02.03.0021 +1300]: > I still think the patch is a valuable addition to molly-guard, as > it fixes a problem I and maybe others have. I think that holding > this patch back because you feel molly-guard needs to be rewritten > is the wrong thing to do.
There is no reason for me *not* to include it, so I will. However, there is one remaining problem, as far as I can see. While your patch gets rid of the pgrep-based approach and hence solves the kFreeBSD-problem, where the tty-name of the sshd process is not exported by ps, it introduces another Linux-ism: EXE=$(basename $(readlink /proc/$PARENT/exe) ) /proc/$PARENT/exe does not exist on FreeBSD. Can you fathom another way to achieve this? -- .''`. martin f. krafft <madd...@d.o> Related projects: : :' : proud Debian developer http://debiansystem.info `. `'` http://people.debian.org/~madduck http://vcs-pkg.org `- Debian - when you have better things to do than fixing systems "moderation is a fatal thing. enough is as bad as a meal. more than enough is as good as a feast." -- oscar wilde
digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)
