How to hide eth0 information (from ifconfig's output) from sudo user?
I have been brainstorming a lot on how do I hide eth0 information from a sudo user, from output of ifconfig. It is my project requirement. This means upon issuing anything like "ifconfig", "ifconfig -a", "ifconfig eth0" and via other commands such as lshw, ethtool et al, the sudo user should not see the details of eth0 in any way.
The machine is a virtual machine running ubuntu 8 and 10 versions on which the user is issuing commands. We are using XenServer for virtualization.
I tried restricting the user from /etc/sudoers file but it proved to be lame solution for me and there are several ways a sudoer can get hold of eth0. I also thought of making a wrapper for 'ifconfig' like "ifconfig | sed '/eth0/,/^$/d'" but it did not work if user supplies "ifconfig -a".
I am thinking of doing something on kernel level. I am a newbie thought but sooner or later, I have to learn it. Am I thinking in the right direction ?
Is there a good reason why you want to hide this information? I'm asking because this might be harder to hide then you might have thought.
ethX/network information can be shown using a lot of commands (dmesg, cat /proc/net/dev, ifconfig, ip, etc) and it will be hard to hide this. Some of these commands (ip, ifconfig to name 2) aren't accessible out-of-the-box by normal users (/sbin is not in their PATH), but pre-pending /sbin to the command will give them access (they cannot manipulate, but they can get basic info this way).
You might be able to remove world access from the related commands, but I do wonder if you can deactivate dmesg and/or make /proc/net/dev unreadable for all but the root user.
Hope this helps.
Yeah, I agree with you. I joined in the middle of the project and the virtualization architecture was implemented. Due to lack of finances, we could arrange for only one gateway connected to internet from which users enter their VMs. They enter passing this NIC whose information we gotta hide.
As you said, there are so many commands from which user can see eth0's information. Will update if we can have a work-around for this.
Or maybe you just need to think outside of the box, and not use eth0? Maybe create a new device, or rename the device to something else, like wlan0 or wwan0?
Gotta check that but this could be a problem. Eth0 gets its address from DHCP and this interface is connected to the gateway and internet from which users login.
If I create other device like wlan and should allow it to be connected to the internet (gateway) for users to login through it, I wonder if the users would still see wlan's ip information ?
The NIC for eth0 is connected to the xen management network and users login through that and this NIC gets dynamic IP. I want to allow users to use this interface to login and not see its information, instead see other vlans and stuff for their networking purposes.
Please let me know if I am clear, else I shall post attachment related to the architecture.
Thanks for your advise !!!
From reading the above posts, I have a general concern about the feasibility of the concept. You mention hiding things like NIC, and IP, and other network information. The thing is, as was alluded to, this information is available from a wide variety of sources. The design of Ethernet is such that this information was not meant to be hidden. Rather it is included in all of the traffic and in all packets, plus more. This is the kind of information that allows packets to get from one place to another and without it, the network simply doesn't work.
While I have no idea what your application is, I get the impression that someone who doesn't truly or fully understand networking as shown by what they are considering 'privileged' information that needs to be hidden is calling the shots here.
Undoubtedly there is some form of need and some information probably needs to be protected, but it looks to me like you (or the team) needs to go back to drawing board and evaluate what your actual need and objective rather than focusing on what looks like one person's, possibly naive, view.
I used to work as a contractor for a federal agency and when they had security incidents, they always wanted to mask the internal IPs within internal and public reports. I could never understand this. If I'm using 192.168.1.200 as a gateway IP on my LAN, what the hell does it matter if anyone knows that IP? The whole IP system is public knowledge but no one on the public side of the LAN will be able to access it. The numbers themselves are just numbers.
The same can be said for any network information that is dug up when running commands associated with eth0. If you've a trust issue with people who've sudo access, you should probably remove their access. I don't think the Linux system was designed to hide such information from a user with sudo rights anyways. And, to be honest, I don't see other operating systems enabling masking of such information for users who have escalated privileges.
OP, if you were handed this project by your management chain, I feel for you.
Thanks guys !!!
Thanks for the suggestions guys.... I removed sudoers and added specific entries for ifconfig in the /etc/sudoers for STUDENT group. Now, the STUDENT group can view eth0, eth1 and eth2's information and they are only allowed to configure other ethernet addresses (eth1 and eth2).
This solution does not work for them. I told them that its not possible and left this activity
Thank you very much again for your replies !!!
Started working in new direction which is my semester's project. Will post some questions in the appropriate section if I get stuck.
|All times are GMT -5. The time now is 10:11 AM.|