Re: limiting the 'ps' command on linux
From: Wojtek Walczak (firstname.lastname@example.org)
From: Wojtek Walczak <email@example.com> Date: Mon, 17 Mar 2003 15:51:39 +0000 (UTC)
Dnia Mon, 17 Mar 2003 11:47:10 +0100, Kasper Dupont napisa³(a):
> That can only be achieved by a kernel patch. And expect to break
> something when you do that. If you want a solution without any
> changes to the kernel simply don't allow users access to /proc.
> Of course removing access to /proc is going to break even more
> than the kernel patch, but you are at least not needing another
> kernel to do it. The simple approach is to umount /proc, but if
> you want root to still have access to the proc filesystem, it
> becomes more complicated. You could create a new directory
>/root/proc and replace /proc with a symlink to /root/proc.
Well, he can also hack libproc library. Changes would apply to
ps, top and so on (but all the informations will be still accessible
by browsing /proc directory).
-- [ Wojtek Walczak - gminick (at) underground.org.pl ] [ <http://gminick.linuxsecurity.pl/> ] [ "...rozmaite zwroty, matowe od patyny dawnosci." ]