confine the output of 'ps -aux' for a user?
I was wondering, is there a way to confine the output results of ps -aux?
I want to make it so that the users can only see his/her own processes and not other people's processes, no matter what 'ps' commands the user runs. |
I don't think this is possible, and even if it were, process information could still be gleaned directly from /proc. A kludge would be to write a wrapper program for ps which checks arguments and ensures only processes from the current user are printed. You could move ps to some other name, and have the new ps call the old one. If you wanted to make sure nobody called the old ps, set it executable for root only and then make the new ps suid root.
Disclaimer: I don't think the above is a good idea, I'm just saying how it could be done. Do this at your own risk. :tisk: |
Well I have a shell account in 1and1.com which is running linux (with grsecurity) and I found it interesting (cool beans) that the output of 'ps -aux' would only bring up processes the user is running (no root process or other user processes, just mine).
There has to be some easier way, cuz I don't know how to 'code' a wrapper program. :rolleyes: |
Quote:
I presume that it may not be worth the trouble it would probably take. |
Quote:
I found some patch info for this: http://www.debianhowto.de/howtos/en/...rsecurity.html |
Quote:
Code:
#!/bin/sh |
Quote:
Where in /proc could i see process information? |
Quote:
|
All times are GMT -5. The time now is 08:10 AM. |