by rwg
4473 days ago
"ps" will show the effective uid ocspd is running as:

    % ps aux|grep ocspd
    root 534 0.0 0.0 2442712 2036 ?? Ss 3:53PM 0:00.04 /usr/sbin/ocspd

I don't know how to show the sandbox a running process is contained in, but it's easy enough to show that launchd runs ocspd directly, without sandbox-exec:

    % grep -A3 ProgramArguments /System/Library/LaunchDaemons/com.apple.ocspd.plist
    <key>ProgramArguments</key>
    <array>
    <string>/usr/sbin/ocspd</string>
    </array>

It's possible for a process to programmatically place itself in a sandbox (see /usr/include/sandbox.h), but a quick look at the source to ocspd and a quick disassembly of what actually ships with OS X 10.9.2 shows ocspd does not do that.
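
The plist check described in the comment above, written as a reusable audit (an added example, not part of rwg's comment and not Apple's code). The two plists are constructed samples; the Label values, the `_exampled` user and the `exampled` daemon with its profile path are assumptions for illustration.

```python
import os
import plistlib

# Constructed launchd job definitions. DIRECT mirrors the ProgramArguments
# excerpt quoted in the comment (its Label is assumed from the file name);
# WRAPPED is a hypothetical daemon added for contrast.
DIRECT = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>Label</key><string>com.apple.ocspd</string>
<key>ProgramArguments</key>
<array><string>/usr/sbin/ocspd</string></array>
</dict></plist>"""

WRAPPED = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
<key>Label</key><string>com.example.exampled</string>
<key>UserName</key><string>_exampled</string>
<key>ProgramArguments</key>
<array><string>/usr/bin/sandbox-exec</string><string>-f</string>
<string>/usr/share/sandbox/exampled.sb</string>
<string>/usr/sbin/exampled</string></array>
</dict></plist>"""

PROFILE_FLAGS = ("-f", "-n", "-p")  # sandbox-exec: profile file, name, string


def audit_launchd_job(plist_bytes):
    """Report how launchd starts a job: user, sandbox-exec wrapper, profile."""
    job = plistlib.loads(plist_bytes)
    args = list(job.get("ProgramArguments", []))
    if not args and "Program" in job:
        args = [job["Program"]]
    wrapped = bool(args) and os.path.basename(args[0]) == "sandbox-exec"
    profile = None
    if wrapped:
        # The profile is the argument that follows the first profile flag.
        for flag, value in zip(args[1:], args[2:]):
            if flag in PROFILE_FLAGS:
                profile = value
                break
    return {
        "label": job.get("Label"),
        # A system LaunchDaemon with no UserName key runs as root.
        "user": job.get("UserName", "root"),
        "sandbox_exec": wrapped,
        "profile": profile,
    }


if __name__ == "__main__":
    for sample in (DIRECT, WRAPPED):
        print(audit_launchd_job(sample))
```

A result of `sandbox_exec: False` only covers the launchd side; a binary can still sandbox itself at startup, so the source or disassembly check mentioned in the comment remains necessary.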