Security by hiding processes

From: Remco B. Brink (remco@rc6.org)
Date: 07/23/02

• Previous message: Alfred Huger: "Announcement"
• Next in thread: quentyn@fotango.com: "Re: Security by hiding processes"
• Reply: quentyn@fotango.com: "Re: Security by hiding processes"
• Reply: Brian Hatch: "Re: Security by hiding processes"
• Reply: José Luis Domingo López: "Re: Security by hiding processes"
• Reply: Skip Carter: "Re: Security by hiding processes"
• Reply: Seth Arnold: "Re: Security by hiding processes"
• Reply: ellipse: "Re: Security by hiding processes"
• Reply: Gommers, Joep: "RE: Security by hiding processes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

To: focus-linux@securityfocus.com
From: remco@rc6.org (Remco B. Brink)
Date: Tue, 23 Jul 2002 15:28:45 +0200

Hi,

during a lively discussion in some Norwegian newsgroups the issue was
raised of increasing security on a Linux server by not allowing users
to view process listings.

Suggestions like restricting access to /proc were named, but there
were few suggestions on how to properly implement this.

Personally I'm a bit sceptic towards this kind of security through
obscurity, but I am hoping some of the readers of this list might have
some input on this.

Does hiding process give a false sense of security? Is it worth the
effort? What problems can one run into by for example restricting
access to /proc? Are there better ways to hide process information
from users?

Any input is well appreciated.

regards,
Remco

-- 
   Remco B. Brink -- Information Systems Developer, Opera Software ASA
Personal site at http://rc6.org - PGP/GnuPG key at http://rc6.org/rbb.pgp
An honest politician is one who stays bought. 

---

• Previous message: Alfred Huger: "Announcement"
• Next in thread: quentyn@fotango.com: "Re: Security by hiding processes"
• Reply: quentyn@fotango.com: "Re: Security by hiding processes"
• Reply: Brian Hatch: "Re: Security by hiding processes"
• Reply: José Luis Domingo López: "Re: Security by hiding processes"
• Reply: Skip Carter: "Re: Security by hiding processes"
• Reply: Seth Arnold: "Re: Security by hiding processes"
• Reply: ellipse: "Re: Security by hiding processes"
• Reply: Gommers, Joep: "RE: Security by hiding processes"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Security by hiding processes ... > raised of increasing security on a Linux server by not allowing users ... > Suggestions like restricting access to /proc were named, ... It's my conviction that an application that requires the /proc file system ... This is not obscurity. ... (Focus-Linux) Re: hacked? ... Tim Haynes wrote: ... >> security? ... I go one better: don't install things at ... compiler technology for you architecture - so restricting access to gcc is ... (comp.os.linux.security) Re: How to protect different cells by diff. passwords? ... security and restricting access is much better to do. ... Dnereb ... Dnereb's Profile: http://www.excelforum.com/member.php?action=getinfo&userid=26182 ... (microsoft.public.excel.worksheet.functions) Re: SECURITY PROBLEM OR NOT ... > I know this is the way it works on some UNIX flavours (I don't know if ... > is not a security breach against C2 ... Restricting access to "other processes" is possible, ... giving any real security. ... (comp.security.unix) Re: rsbac -- perfect solution ... > are running a linux server of any sort, why would you NOT apply rsbac? ... security environments but neither of us do. ... (comp.security.unix)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > focus-linux  > 2002-07