Re: Bits from the Security Team

To: debian-devel@lists.debian.org
Subject: Re: Bits from the Security Team
From: Craig Small <csmall@debian.org>
Date: Thu, 6 Mar 2014 12:21:06 +1100
Message-id: <[🔎] 20140306012106.GA30583@enc.com.au>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 5317B918.10209@ens-lyon.org>
References: <20140305190301.GA2912@pisco.westfalen.local> <[🔎] 20140305195409.GB23080@bogon.m.sigxcpu.org> <[🔎] 20140305213323.GA9381@jwilk.net> <[🔎] 5317B918.10209@ens-lyon.org>

On Thu, Mar 06, 2014 at 12:54:00AM +0100, Vincent Danjean wrote:
>   I'm not sure I will let this setup (hidepid=1) on my computers. My
> current POV (that can change) is that I prefer to be able to do the
> maximum of thing as a normal user (top, ps, read log (I'm in the
> adm group), ...) ans switch to root when I really need to do some
> modifications.
You apparently can have a "special" group that can see everything.
That might be worthwhile for a default.

It makes things like pstree look odd, so I'll be expecting some new bug
reports.

Someone might like to fix mount(8) too, especially the bit about procfs
if this is the new default.

 - Craig
-- 
Craig Small (@smallsees)   http://enc.com.au/       csmall at : enc.com.au
Debian GNU/Linux           http://www.debian.org/   csmall at : debian.org
GPG fingerprint:        5D2F B320 B825 D939 04D2  0519 3938 F96B DF50 FEA5

Reply to:

Follow-Ups:
- Re: Bits from the Security Team
  - From: Stephan Seitz <stse+debian@fsing.rootsland.net>

References:
- Re: Bits from the Security Team
  - From: Guido Günther <agx@sigxcpu.org>
- Re: Bits from the Security Team
  - From: Jakub Wilk <jwilk@debian.org>
- Re: Bits from the Security Team
  - From: Vincent Danjean <Vincent.Danjean@ens-lyon.org>

Prev by Date: Re: Bits from the Security Team
Next by Date: Bug#740904: ITP: glamour -- beautiful 2D game with princesses for young girls
Previous by thread: Re: Bits from the Security Team
Next by thread: Re: Bits from the Security Team
Index(es):
- Date
- Thread