From owner-freebsd-questions Thu May 2 10:28:48 2002 Delivered-To: freebsd-questions@freebsd.org Received: from hotmail.com (f160.law12.hotmail.com [64.4.19.160]) by hub.freebsd.org (Postfix) with ESMTP id 3D34037B417 for ; Thu, 2 May 2002 10:28:42 -0700 (PDT) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 2 May 2002 10:28:42 -0700 Received: from 216.228.133.13 by lw12fd.law12.hotmail.msn.com with HTTP; Thu, 02 May 2002 17:28:41 GMT X-Originating-IP: [216.228.133.13] From: "default013 subscriptions" To: jeff@boris.st.hmc.edu Cc: freebsd-questions@freebsd.org Subject: Re: Restricting PS Use Date: Thu, 02 May 2002 12:28:41 -0500 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 02 May 2002 17:28:42.0170 (UTC) FILETIME=[CDE971A0:01C1F1FE] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I wish I could do the sysctl thing, but I am using FreeBSD 4.1 ... Apparently there is no setting for that in my distribution. I will give the other way a shot, but... am I right in assuming that I won't be able to use the sysctl answer? ... I wonder if I could just upgrade sysctl... Thanks >From: Jeff >To: "Brian T.Schellenberger" >CC: default , FreeBSD-Questions > >Subject: Re: Restricting PS Use >Date: Thu, 2 May 2002 10:16:11 -0700 (PDT) >MIME-Version: 1.0 >Received: from [134.173.63.11] by hotmail.com (3.2) with ESMTP id >MHotMailBE9ABF4E00A24136E85186AD3F0B0A870; Thu, 02 May 2002 10:15:58 -0700 >Received: from localhost (jeff@localhost)by boris.st.hmc.edu >(8.11.6/8.11.6) with ESMTP id g42HGBL21473;Thu, 2 May 2002 10:16:12 -0700 >(PDT)(envelope-from jeff@boris.st.hmc.edu) >From jeff@boris.st.hmc.edu Thu, 02 May 2002 10:16:43 -0700 >In-Reply-To: <20020502171102.EC819BB29@i8k.babbleon.org> >Message-ID: <20020502101331.O20800-100000@boris.st.hmc.edu> > > > >On Thu, 2 May 2002, Brian T.Schellenberger wrote: > > > On Thursday 02 May 2002 12:58 pm, default wrote: > > | Hello, > > | > > | I have been trying to get this working for a long time to no avail, >but... > > | > > | Basically I need to restrict the PS command so that normal users are >only > > | able to see their own processes... > > | > > | I would appreciate any suggestion on how to do this... > > | > > > > - create a "ps" userid > > - restrict ps so that only "PS" can execute it (root will be able to >anyay). > > - create a new ps command, probably just as a perl script, in >/usr/local/bin > > - make the perl script suid to the new "ps" id. > > - Have the perl script execute ps and filter out the records you don't >want. > > > > You can now restrict ps in any way you desire. > > > > > >Or, check sysctl kern.ps_showallprocs (more specifically, set it to >zero) ... man 1 ps would have told you the same thing. > >- Jeff > >============== >Jeff Jirsa >HMC Unix Admin >jjirsa@hmc.edu >============== > _________________________________________________________________ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message