Hi,
I just thought I would share with you what I have just found. Currently I'm testing this option, but as my system is not running many services, nor does it have many users, I cannot tell how hard and how helpful/harmful it could be.
Since kernel 3.2+ (http://tuxdiary.com/2014/08/23/hidepid/), /proc can be mounted with the hidepid option, which basically hides all the processes run by other users. I placed it in rc.local:
Code:
/sbin/mount -oremount,hidepid=2,gid=showpid /proc
I have added an additional group, showpid (currently empty), that enables all the users belonging to this group to view all the processes in the system. This might be needed for services that are not running as root but need to learn about processes of different users.
This option might not be well known, as searching through LQ brings no results.
You can find more info by searching with your favourite web search service.
After enabling this option, try ps aux or going into /proc and you'll notice how clean they look.
BTW, as always, root can see everything...
--
Best regards,
Andrzej Telszewski
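
One way to confirm that the remount described in the post took effect, as an added example that is not part of the original post: it parses a mount table in /proc/mounts format and reports the hidepid level and the exempt gid. The function names, the sample table and gid 1001 (standing in for showpid) are constructed; the word forms of hidepid are what newer kernels print in place of the number.

```shell
# Added example (function names and sample data are constructed).

# Constructed sample in /proc/mounts format; gid 1001 stands in for "showpid".
sample_mounts() {
    cat <<'EOF'
sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
proc /proc proc rw,relatime,gid=1001,hidepid=2 0 0
EOF
}

# Read a mount table on stdin, print the options of the proc mount on /proc.
proc_opts() {
    awk '$2 == "/proc" && $3 == "proc" { o = $4 } END { print o }'
}

# Print the value of option $2 in the comma-separated option string $1.
opt_value() {
    printf '%s\n' "$1" | tr ',' '\n' |
        awk -F= -v k="$2" '$1 == k { v = $2 } END { print v }'
}

# Normalise a hidepid value; kernels print it as a number or as a word.
hidepid_level() {
    case "$1" in
        ''|0|off)     echo off ;;
        1|noaccess)   echo noaccess ;;
        2|invisible)  echo invisible ;;
        4|ptraceable) echo ptraceable ;;
        *)            echo unknown ;;
    esac
}

# Succeed if gid $1 is in the group list $2 (default: the caller's groups).
member_of() {
    for g in ${2:-$(id -G)}; do
        [ "$g" = "$1" ] && return 0
    done
    return 1
}

# Read a mount table on stdin and summarise the hidepid setting.
report() {
    opts=$(proc_opts)
    gid=$(opt_value "$opts" gid)
    printf 'hidepid=%s exempt_gid=%s\n' \
        "$(hidepid_level "$(opt_value "$opts" hidepid)")" "${gid:-none}"
}

sample_mounts | report
```

To check the running system, use `report < /proc/self/mounts`; `member_of` with the reported gid then tells whether the current user is in the exempt group.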