LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
Reload this Page Changing kernel function permissions?
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 11-26-2005, 01:34 PM   #1
juanbobo
Member
 
Registered: Mar 2005
Location: Chicago
Distribution: Gentoo AMD64
Posts: 365

Rep: Reputation: 30
Changing kernel function permissions?

What would it take to change the permissions of the core kernel functions? For example, I don't want users to be able to see what processes are running or open network connections. You can change the permissions of ps and netstat, but it is still possible for users to write programs to request the same information from the kernel. Is there any way to prevent this without rewriting the kernel?
 
Old 11-27-2005, 10:37 AM   #2
trickykid
LQ Guru
 
Registered: Jan 2001
Posts: 24,149

Rep: Reputation: 269Reputation: 269Reputation: 269
What would be the whole reason behind this? If you've setup your host correctly, you shouldn't have to worry about regular users who can view processes running. If I were a user that had access to a host, if one of my applications was hung or not, it would be rather handy to see the process running, get the id of it, so I could kill it, restart it, etc.

I fail to see the reasoning behind what your wanting to accomplish.
 
Old 11-29-2005, 08:58 PM   #3
juanbobo
Member
 
Registered: Mar 2005
Location: Chicago
Distribution: Gentoo AMD64
Posts: 365

Original Poster
Rep: Reputation: 30
I want to be able to control which kernel functions are accessible by users.
 
Old 11-29-2005, 09:06 PM   #4
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,290

Rep: Reputation: 378Reputation: 378Reputation: 378Reputation: 378
Look into something like grsecurity or SELinux. Neither are exactly trivial to set up with a custom configuration, though. I suppose you could also not mount /proc so people couldn't read any of the files in there, but it would undoubtedly break some stuff. Beyond that, you might have to get into some custom kernel hacking.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
changing permissions sy-co Mandriva 5 04-16-2004 10:13 AM
Changing permissions in 9.2 Jerrac Mandriva 17 12-08-2003 07:36 AM
changing the function of ctrl and tab kopite Slackware 1 11-26-2003 01:30 PM
Changing Many Permissions at Once food188 Linux - General 3 11-02-2003 08:17 AM
Changing Permissions synecdoche Linux - General 1 08-21-2003 10:41 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:08 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration