Date: Thu, 2 May 2002 10:16:11 -0700 (PDT) From: Jeff <jeff@boris.st.hmc.edu> To: "Brian T.Schellenberger" <bts@babbleon.org> Cc: default <default013subscriptions@hotmail.com>, FreeBSD-Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: Restricting PS Use Message-ID: <20020502101331.O20800-100000@boris.st.hmc.edu> In-Reply-To: <20020502171102.EC819BB29@i8k.babbleon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2 May 2002, Brian T.Schellenberger wrote: > On Thursday 02 May 2002 12:58 pm, default wrote: > | Hello, > | > | I have been trying to get this working for a long time to no avail, but... > | > | Basically I need to restrict the PS command so that normal users are only > | able to see their own processes... > | > | I would appreciate any suggestion on how to do this... > | > > - create a "ps" userid > - restrict ps so that only "PS" can execute it (root will be able to anyay). > - create a new ps command, probably just as a perl script, in /usr/local/bin > - make the perl script suid to the new "ps" id. > - Have the perl script execute ps and filter out the records you don't want. > > You can now restrict ps in any way you desire. > > Or, check sysctl kern.ps_showallprocs (more specifically, set it to zero) ... man 1 ps would have told you the same thing. - Jeff ============== Jeff Jirsa HMC Unix Admin jjirsa@hmc.edu ============== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020502101331.O20800-100000>