#!/bin/sh
# DF-0015 run: read kern.proc.pathname.<pid> as an UNPRIVILEGED user for a
# process we do NOT own (default arg = pid 1 = root's init).
#
# To reproduce the decisive "hardened config" contrast (args/cwd gated,
# pathname not), as root run:
#     sysctl kern.ps_argsopen=0
# first, then run this as the unprivileged user.
cd "$(dirname "$0")"
./leak_pathname "${1:-1}"
