From owner-freebsd-hackers Wed Aug 16 0:25: 9 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from ns1.ovis.net (ns1.ovis.net [207.0.147.2]) by hub.freebsd.org (Postfix) with ESMTP id 822B937B6EC for ; Wed, 16 Aug 2000 00:25:01 -0700 (PDT) (envelope-from chromexa@ovis.net) Received: from ovis.net (s44.pm5.ovis.net [207.0.147.110]) by ns1.ovis.net (8.9.3/8.9.3) with ESMTP id DAA18101; Wed, 16 Aug 2000 03:23:51 -0400 Message-ID: <399A4375.FFBA3624@ovis.net> Date: Wed, 16 Aug 2000 03:32:05 -0400 From: Steve Kudlak Reply-To: chromexa@ovis.net X-Mailer: Mozilla 4.5 [en]C-CCK-MCD ezn/58/n (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Poul-Henning Kamp Cc: Maxime Henrion , freebsd-hackers@FreeBSD.ORG Subject: Re: limit processes that a user can 'see' References: <42046.966228545@critter> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Poul-Henning Kamp wrote: > In message <39970D08.4BA72541@qualys.com>, Maxime Henrion writes: > > Hello, > > > >I have an idea that I would love to see applied in FreeBSD source code, > >but as I'm not skilled enough to code it, I post it to see if you think > >it makes sense, and if someone would be interested in coding this. It is > >a security measure regarding 'ps' command. > > > >By using the 'ps' command, any user logged in the system can view all > >the running processes, including root's one and processes of other > >users. My idea is to limit a bit this behaviour. > > You can possibly make jail(8) do this for you... > > -- > Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 > phk@FreeBSD.ORG | TCP/IP since RFC 956 > FreeBSD coreteam member | BSD since 4.3-tahoe > Never attribute to malice what can adequately be explained by incompetence. > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message WHY WPULD ANYONE WANT TO DO THIS?? Have Fun, Sends Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message