Re: Debian-Harden
On Tue, May 15, 2001 at 10:52:44AM -0400, Michael Stone wrote:
> On Tue, May 15, 2001 at 08:43:33AM +0200,
> bounce-debian-devel=mstone=cs.loyola.edu@lists.debian.org wrote:
> > There are some commands on System, which are similar useable for root and
> > user. Think of ps, everyone on an linux-system is able to run "ps aux", so
> > it is shown all processes of the host. I think, it it fully enaough, to
> > let an user only make ps -a", for example, to see the own processes.
>
> That level of information hiding is out of scope for a general unix system.
> It does exist, but not in the standard linux kernel. Changing ps to hide
> information is futile, as someone could bring their own ps.
It is a standard part of a security-enhanced unix-like system, though. This
functionality is included in, for example, the Openwall patches for the Linux
kernel.
--
- mdz
Reply to: