Re: limiting the 'ps' command on linux

From: Wojtek Walczak (gminick@hacker.pl)
Date: 03/17/03

• Next message: Thomas Gagné: "Re: I am root and can not delete a file?"
• Previous message: notbob: "Re: Log turn on"
• In reply to: Kasper Dupont: "Re: limiting the 'ps' command on linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

From: Wojtek Walczak <gminick@hacker.pl>
Date: Mon, 17 Mar 2003 15:51:39 +0000 (UTC)

Dnia Mon, 17 Mar 2003 11:47:10 +0100, Kasper Dupont napisa³(a):
> That can only be achieved by a kernel patch. And expect to break
> something when you do that. If you want a solution without any
> changes to the kernel simply don't allow users access to /proc.
> Of course removing access to /proc is going to break even more
> than the kernel patch, but you are at least not needing another
> kernel to do it. The simple approach is to umount /proc, but if
> you want root to still have access to the proc filesystem, it
> becomes more complicated. You could create a new directory
>/root/proc and replace /proc with a symlink to /root/proc.
Well, he can also hack libproc library. Changes would apply to
ps, top and so on (but all the informations will be still accessible
by browsing /proc directory).

-- 
[ Wojtek Walczak - gminick (at) underground.org.pl ]
[        <http://gminick.linuxsecurity.pl/>        ]
[ "...rozmaite zwroty, matowe od patyny dawnosci." ]

---

• Next message: Thomas Gagné: "Re: I am root and can not delete a file?"
• Previous message: notbob: "Re: Log turn on"
• In reply to: Kasper Dupont: "Re: limiting the 'ps' command on linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > comp.os.linux.security  > 2003-03