Date: Mon, 01 Mar 2004 13:27:33 +0100 From: des@des.no (Dag-Erling =?iso-8859-1?q?Sm=F8rgrav?=) To: "Jimmy Scott" <admin@inet-solutions.be> Cc: freebsd-security@freebsd.org Subject: Re: procfs + chmod = no go Message-ID: <xzpvfloiwga.fsf@dwp.des.no> In-Reply-To: <1298.213.224.103.192.1078085673.squirrel@webmail.boxke.be> (Jimmy Scott's message of "Sun, 29 Feb 2004 21:14:33 %2B0100 (CET)") References: <1298.213.224.103.192.1078085673.squirrel@webmail.boxke.be>
next in thread | previous in thread | raw e-mail | index | archive | help
"Jimmy Scott" <admin@inet-solutions.be> writes: > Is this possible on FreeBSD 4.9 ? Can't find anything about it in the > manual pages. Just want to prevent lusers from running: > > for file in /proc/*/cmdline; do cat $file; echo; done Why? They can get the same information from ps(1) or the kern.proc sysctl tree. (in 5.2, you can set security.bsd.see_other_uid to 0 to prevent users from seeing other users' processes) DES --=20 Dag-Erling Sm=F8rgrav - des@des.no
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpvfloiwga.fsf>