Command line and full screen utilities for browsing procfs, a "pseudo" file system dynamically generated by Linux to provide information about the status of entries in its process table.
Go to file
Jim Warner a02a31f7e9 top: eliminate that potential vulnerability for TOCTOU
Initially, I was going to ignore that coverity warning
CID #177876. But, since top may be running SETUID it's
best if it can be avoided instead. The fix was simple.

We'll trade the access() call for a real fopen() call.
This time-of-check-time-of-use warning should go away.
------------------------------------------------------

When XDG support was originally introduced in top, the
author made a poor choice in access(). A real question
that needed asking was 'does the file exist'. However,
the question that was asked was 'can this real user ID
or this real group ID access the file'. Then, when the
fopen() is finally issued, top would use the effective
user ID or the effective group ID to access that file.

That's what opened the potential TOCTOU vulnerability,
which was important only if top was running SUID/SGID.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2017-10-14 21:48:00 +11:00
contrib
doc
Documentation
include
lib
man-po
misc
po
proc
ps ps: don't use '+' truncation indicator with multi-byte 2017-10-02 22:23:13 +11:00
testsuite
top top: eliminate that potential vulnerability for TOCTOU 2017-10-14 21:48:00 +11:00
.gitignore
.gitlab-ci.yml
AUTHORS
autogen.sh
ChangeLog
configure.ac
COPYING
COPYING.LIB
create-man-pot.sh
free.1
free.c
INSTALL.md
kill.1
kill.c
Makefile.am
NEWS NEWS: acknowledged top's multi-byte support extensions 2017-10-01 22:26:35 +11:00
pgrep.1
pgrep.c
pidof.1
pidof.c
pkill.1
pmap.1
pmap.c
pwdx.1
pwdx.c
README.md
skill.1
skill.c
slabtop.1
slabtop.c
snice.1
sysctl.8
sysctl.c
sysctl.conf
sysctl.conf.5
tload.1
tload.c
translate-man.sh
uptime.1
uptime.c
vmstat.8
vmstat.c
w.1
w.c
watch.1
watch.c

build status procps

procps is a set of command line and full-screen utilities that provide information out of the pseudo-filesystem most commonly located at /proc. This filesystem provides a simple interface to the kernel data structures. The programs of procps generally concentrate on the structures that describe the processess running on the system.

The following programs are found in procps:

  • free - Report the amount of free and used memory in the system
  • kill - Send a signal to a process based on PID
  • pgrep - List processes based on name or other attributes
  • pkill - Send a signal to a process based on name or other attributes
  • pmap - Report memory map of a process
  • ps - Report information of processes
  • pwdx - Report current directory of a process
  • skill - Obsolete version of pgrep/pkill
  • slabtop - Display kernel slab cache information in real time
  • snice - Renice a process
  • sysctl - Read or Write kernel parameters at run-time
  • tload - Graphical representation of system load average
  • top - Dynamic real-time view of running processes
  • uptime - Display how long the system has been running
  • vmstat - Report virtual memory statistics
  • w - Report logged in users and what they are doing
  • watch - Execute a program periodically, showing output fullscreen

Reporting Bugs

There are a few ways of reporting bugs or feature requests:

  1. Your distributions bug reporter. If you are using a distribution your first port of call is their bug tracker. This is because each distribution has their own patches and way of dealing with bugs. Also bug reporting often does not need any subscription to websites.
  2. GitLab Issues - To the left of this page is the issue tracker. You can report bugs here.
  3. Email list - We have an email list (see below) where you can report bugs. The problem with this method is bug reports often get lost and cannot be tracked. This is especially a big problem when its something that will take time to resolve.

If you need to report bugs, there is more details on the Bug Reporting page.

Email List

The email list for the developers and users of procps is found at http://www.freelists.org/archive/procps/ This email list discusses the development of procps and is used by distributions to also forward or discuss bugs.