Date: Thu, 9 Sep 1999 06:19:15 -0500 (CDT) From: Mike Pritchard <mpp@FreeBSD.org> To: chris@calldei.com Cc: grios@ddsecurity.com.br (Gustavo V G C Rios), freebsd-hackers@FreeBSD.ORG Subject: Re: CS Project Message-ID: <199909091119.GAA04543@mpp.pro-ns.net> In-Reply-To: <19990908203812.A98739@holly.calldei.com> from Chris Costello at "Sep 8, 1999 08:38:12 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> On Wed, Sep 08, 1999, Gustavo V G C Rios wrote: > > Dear gentleman, > > > One clear example: > > No user(but only that ones previous allowed to) should be able to see > > other users process. This facility have to be done at kernel level, > > (that's what i think). > > Define "see". Access the memory? See that it is running? > View the argv list? I don't see how this would affect privacy. I used to work somewhere where we didn't wany any of the users to know anything about any other groups of users processes. We did this by restricting ps to only show other procs that had the same primary group as the person executing ps. Root and group wheel (or some equivalent) could always see all running procs. You could always go hunting through the file systems, but their own directory permissions were their problem, not ours. This was a computing center site with several Crays, where customer names were kept private, and we had companies that were in competition with each other using our machines. The competition didn't want each other even knowing what applications they were running, because that might give them some insight into what they were doing (keyword here: paranoid). We might have also hacked w/who/finger/last to never print the host names/addresses so no one could nslookup the addresses and really figure out where the customers were logging in from. This was to stop them from finding out the competition was also one of our customers. So I can see situations where this might be useful, I'm not sure that these types of customers are really going to ever be sharing a FreeBSD machine, but you never know. -Mike -- Mike Pritchard mpp@FreeBSD.org or mpp@mpp.pro-ns.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909091119.GAA04543>