Date: Mon, 1 Mar 2004 12:50:53 +0000 From: Andy Gilligan <andy@glbx.net> To: freebsd-security@freebsd.org Subject: Re: procfs + chmod = no go Message-ID: <20040301125053.GA94405@vega.glbx.net> In-Reply-To: <xzpvfloiwga.fsf@dwp.des.no> References: <1298.213.224.103.192.1078085673.squirrel@webmail.boxke.be> <xzpvfloiwga.fsf@dwp.des.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 1 Mar 2004 at 12:27, Dag-Erling Smørgrav wrote: > "Jimmy Scott" <admin@inet-solutions.be> writes: > > Is this possible on FreeBSD 4.9 ? Can't find anything about it in the > > manual pages. Just want to prevent lusers from running: > > > > for file in /proc/*/cmdline; do cat $file; echo; done > > Why? They can get the same information from ps(1) or the kern.proc > sysctl tree. > > (in 5.2, you can set security.bsd.see_other_uid to 0 to prevent users > from seeing other users' processes) Surely kern.ps_showallprocs would accomplish the same thing in 4.x ? -Andy
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040301125053.GA94405>