From owner-freebsd-hackers Thu Sep 9 12:11:15 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from mta2.rcsntx.swbell.net (mta2.rcsntx.swbell.net [151.164.30.26]) by hub.freebsd.org (Postfix) with ESMTP id 7846D15328; Thu, 9 Sep 1999 12:11:07 -0700 (PDT) (envelope-from chris@holly.dyndns.org) Received: from holly.dyndns.org (adsl-216-62-157-60.dsl.hstntx.swbell.net) by mta2.rcsntx.swbell.net (Sun Internet Mail Server sims.3.5.1999.05.24.18.28.p7) with ESMTP id <0FHT005GL3XCEN@mta2.rcsntx.swbell.net>; Thu, 9 Sep 1999 14:10:24 -0500 (CDT) Received: (from chris@localhost) by holly.dyndns.org (8.9.3/8.9.3) id OAA02773; Thu, 09 Sep 1999 14:10:08 -0500 (CDT envelope-from chris) Date: Thu, 09 Sep 1999 14:10:07 -0500 From: Chris Costello Subject: Re: CS Project In-reply-to: <199909091119.GAA04543@mpp.pro-ns.net> To: Mike Pritchard Cc: Gustavo V G C Rios , freebsd-hackers@FreeBSD.ORG Reply-To: chris@calldei.com Message-id: <19990909141007.D1834@holly.calldei.com> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii User-Agent: Mutt/0.96.6i References: <19990908203812.A98739@holly.calldei.com> <199909091119.GAA04543@mpp.pro-ns.net> Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Sep 09, 1999, Mike Pritchard wrote: > I used to work somewhere where we didn't wany any of the users > to know anything about any other groups of users processes. > We did this by restricting ps to only show other procs that > had the same primary group as the person executing ps. > Root and group wheel (or some equivalent) could always see > all running procs. You could always go hunting through the > file systems, but their own directory permissions were their problem, > not ours. It would be trivial, in FreeBSD. Simply hack a few lines of VFS code in procfs to change permissions from (S_IRUSR | S_IRGRP | S_IROTH | S_IXUSR | S_IXGRP | S_IXOTH) to (S_IRUSR | S_IRGRP | S_IXUSR | S_IXGRP) ^^^^^^^ ^^^^^^^ Optional; if you don't want people in the same group seeing processes, do not use these permissions. I haven't looked into it, but it should be rather trivial, if such security is important. > -Mike > -- > Mike Pritchard > mpp@FreeBSD.org or mpp@mpp.pro-ns.net > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-hackers" in the body of the message -- |Chris Costello |Feet Smell? Nose Run? Hey, you're upside down! `------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message