Re: limiting the 'ps' command on linux
From: Kasper Dupont (kasperd@daimi.au.dk)
Date: 03/17/03
- Next message: Alessandro Selli: "Re: Psionic taken over by Cisco ?"
- Previous message: Jason: "Log turn on"
- In reply to: Erald Troja: "limiting the 'ps' command on linux"
- Next in thread: Wojtek Walczak: "Re: limiting the 'ps' command on linux"
- Reply: Wojtek Walczak: "Re: limiting the 'ps' command on linux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Kasper Dupont <kasperd@daimi.au.dk> Date: Mon, 17 Mar 2003 11:47:10 +0100
Erald Troja wrote:
>
> i am trying to find out a way to limit regular users in the way they use
> the 'ps' command
>
> e.g when one does 'ps -A' or 'ps -e' one would be able to only see one's
> own processes...in other terms i like to have users only be able to do
> 'ps -u $LOGNAME' and nothing else
That can only be achieved by a kernel patch. And expect to break
something when you do that. If you want a solution without any
changes to the kernel simply don't allow users access to /proc.
Of course removing access to /proc is going to break even more
than the kernel patch, but you are at least not needing another
kernel to do it. The simple approach is to umount /proc, but if
you want root to still have access to the proc filesystem, it
becomes more complicated. You could create a new directory
/root/proc and replace /proc with a symlink to /root/proc.
-- Kasper Dupont -- der bruger for meget tid på usenet. For sending spam use mailto:aaarep@daimi.au.dk for(_=52;_;(_%5)||(_/=5),(_%5)&&(_-=2))putchar(_);
- Next message: Alessandro Selli: "Re: Psionic taken over by Cisco ?"
- Previous message: Jason: "Log turn on"
- In reply to: Erald Troja: "limiting the 'ps' command on linux"
- Next in thread: Wojtek Walczak: "Re: limiting the 'ps' command on linux"
- Reply: Wojtek Walczak: "Re: limiting the 'ps' command on linux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
