Re: Security by hiding processes

From: ellipse (ellipse@cipherpunks.com)
Date: 07/23/02


Date: Tue, 23 Jul 2002 12:22:06 +0000 (GMT)
From: ellipse <ellipse@cipherpunks.com>
To: "Remco B. Brink" <remco@rc6.org>


> during a lively discussion in some Norwegian newsgroups the issue was
> raised of increasing security on a Linux server by not allowing users
> to view process listings.
>
> Suggestions like restricting access to /proc were named, but there
> were few suggestions on how to properly implement this.

It's my conviction that an application that requires the /proc file system
is, by default, broken. There have been problems with the /proc file
system implementations of various unix operating systems, and I suspect
there will be in the future.

A multi-user system should not, in my opinion, have a /proc filesystem at
all.

> Personally I'm a bit sceptic towards this kind of security through
> obscurity, but I am hoping some of the readers of this list might have
> some input on this.
>
> Does hiding process give a false sense of security? Is it worth the
> effort? What problems can one run into by for example restricting
> access to /proc? Are there better ways to hide process information
> from users?

This is not obscurity. Information leakage is a valid vulnerability.
Anything that by default gives sensitive information to users that
probably shouldn't have it is, by default, broken. This is why we often
change the banners, and edit source to eliminate the overly nosey. By
limiting the amount of information untrusted users can gather, we limit
the vectors of entry for an attack.

Cheers,
ellipse



Relevant Pages

  • [UNIX] Buffer Overflow in ISO9660 File System Component of Linux Kernel
    ... Get your security news from a reliable source. ... The Linux kernel performs no length checking on ... symbolic links stored on an ISO9660 file system, ... In order to exploit this vulnerability, an attacker must be able to mount ...
    (Securiteam)
  • Re: FSI Indices with translates the answer
    ... directory of the file system that one is within, ... there are other MV dbms products that have virtually no security ... MV vendors should provide that functionality required by "ALL" users. ... when you fire anyone who points out problems ...
    (comp.databases.pick)
  • Re: For the AdaOS folks
    ... A mall with one or two doors on the outside to be ... > only makes sense to choke the security at a minimal number ... > that exist within the file system. ... While it is not the entire answer to network ...
    (comp.lang.ada)
  • Re: Linux security
    ... that is in Windows NT-based systems out of the box. ... Why do you want that fine level of control? ... level of control over security?" ... a file system is a different beast altogether. ...
    (Ubuntu)
  • Problems after converting FAT32 to NTFS on a Windows XP SP 2 system
    ... I inherited a Windows XP system with SP2 and FAT32 file system. ... decided to convert the file system to NTFS to use the granular security ... I have also verified that the Logical Disk Manager service is set to ...
    (microsoft.public.windowsxp.help_and_support)