Programming

I wrote a wrapper (call it prog1) around another program (call it prog2) for security purposes. When prog1 launches prog2 it sets the argv[0] value to be "prog1" so that "prog2" does not show up when you use the "ps" command. Howerver, if you use the option "-o fname" with "ps" then the file name for prog2 still shows up (also when running "sdtprocess", this being Solaris). I'd like to stop this from happening, but the file name is apparently being pulled from the /proc file system and I don't think prog1 is going to have permission to change any values in prog2's state. So I have 2 questions:

1) Is it even possible to change the filename values in prog2's /proc entries through any method?

2) Is there any way to do this from within prog1? (I don't have access to prog2's source code or I wouldn't have needed a wrapper to begin with)

Thanks or any help.

1. You can't rename them because they are creations of the kernel.

2. I just tried this - you can create a symlink to the file with ln -s to a directory in /proc, and it works correctly.

??
3. Your first program could read the /proc/whatever/file into a local file then give that file name to prog2

I'm not sure I understand your answers. I think we might be talking past each other so let me see if I can be a little more specific in what I'm doing.

prog2 is just a standard Xwindows application that knows nothing about what I'm trying to do. prog1 is a "wrapper" around it that I wrote. prog2 has been moved out of it's standard location and put somewhere else in the file system. prog1 has taken it's place. It's job is to check the user id and the command line being passed to prog2 to see if it is allowed, and if it is then execute prog2 with that command line. However, I don't want "prog2" showing up in a "ps" listing, so before executing the execv command I change argv[0] to "prog1". So if you just run "ps" prog2 never shows up since the default for ps is to show only the command line, not the actual file name. But if you pass "-o fname" (or use "sdtprocess") then the actual filename shows up, which is bad because the command line says "prog1" and the actual filename says "prog2".

I'm using Solaris 8 if that makes a difference. I've looked at the /proc directory and it's all pid values for directories and each directory has a standard layout. The only place I've found the filenames I'm looking for is in the file "psinfo", which makes sense since there is a "psinfo" structure in the "procfs.h" header with an "fname" field. So I assumed the way to change the value of fname for "prog2" was to find it's pid (no problem there), read in the psinfo file, change the fname field and write it back out. Assuming this can be done, which I suspected could not be, and your comments in 1) above reinforces that.

In your other comments you mention creating a smylink between a directory in /proc and something else (prog2?) or copying a file from the /proc directory and giving that name to prog2. I don't know what you are saying here. Could you explain this further?

Thank you for your reply.

What I think your problem is: being able to view the name of the file in the /proc directory in ps. What my solution is: make the file look like another one completely -disguise the actual name of the file - since you wanted to "rename" a /proc file entry, this renames the entry as far as ps is concerned. But not as far as the prog2 is concerned.

Code:

ln -s /proc/directory/somefile ./somelink
prog2 ./somelink

The ps display will show ./somelink not /proc.....