Harden RHEL - Only show processes owned by the user
I don't want that the regular user may explore what processes are running on the system by other users/root.
How may RHEL 4/5 be restricted in that way? One possibility would be XEN and a seperate virtual machine per user. But I want all users to share the same machine. |
Quote:
Quote:
|
For example if unpriviledged users are logged in to the system, they are able to find out, what ssh connections other users run or there may be the possibility that login credentials are used in plaintext by unexperienced users and that would be visible with the ps command.
Also the user should not know what daemons are running on the system. So that it is more difficult to find exploits for the system. |
Apart from the credentials stuff (IMHO education first of all) it all points towards system hardening. Not being able to see other processes can be a part of that. Unfortunately the most invasive things (like drafting a policy, kernel and package choice) are best dealt with before or during the installation. Did you by any chance read RHEL admininstration docs and basic hardening tutorials already?
|
All times are GMT -5. The time now is 12:05 AM. |