[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] securing "ps"

Subject: Re: [cobalt-users] securing "ps"
From: flash22@xxxxxxx
Date: Thu Nov 15 22:11:21 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

On Thu, 15 Nov 2001, Steve Werby wrote:

> "Jonathan M. Slivko" <jslivko@xxxxxxxxxxxx> wrote:
> > Has anyone here ever successfully secured "ps" on a RaQ4i so it will only
> > show the current users proccesses, and not all of the systems proccesses
> > when a ps aux is done? Also, are there any good security sites just
> devoted
> > to Cobalt's that I should look into for securing my system?
> 
> I haven't tried, but if I wanted that behavior I'd do something like this:
> 
> Move /bin/ps to a new location and give it an obscure name.  Right a bash
> script that limits what ps outputs and what flags can be used with it (if
> that's another concern) and name it /bin/ps and make it chmod 555 or
> something else that's appropriate.  A quick hack would be something like
> 
> #!/bin/sh
> 
> ps | grep $USER
> 
> That's not a perfect solution, but it'll get you started.

and as a user i'd just ls /proc ;)

The real way to do this is to restrict access to proc (via mount options, 
that *is* why it's mountable ;), but this will also
break some things in linux...quite a few in fact ;)

Given that a user can probably make pretty educated guesses about what's
probably running on a web server , i don't really see why a restricted
ps is all that much safer than a normal one ;)

gsh

Follow-Ups:
- Re: [cobalt-users] securing "ps"
  - From: Steve Werby

References:
- Re: [cobalt-users] securing "ps"
  - From: Steve Werby

Prev by Date: [cobalt-users] Qube 3 rear panel button not responding
Next by Date: Re: [cobalt-users] securing "ps"
Previous by thread: Re: [cobalt-users] securing "ps"
Next by thread: Re: [cobalt-users] securing "ps"

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index