Re: getting ps to not display all processes for normal users
Its not the processes in themselves which knowledge must be hidden of, but
the parameters to processes. It might contain confidential information like
encrypted bank pins, etc....
On Wednesday 30 May 2001 04:35, Dave Sherohman wrote:
> On Tue, May 29, 2001 at 09:52:55PM -0400, Vlad wrote:
> > already done. www.openwall.com and download a kernel patch. i would say,
> > it is the FIRST thing security-wise you have to do after you install any
> > linux distro.
>
> Why would you say that? Do you really consider knowledge of other users'
> processes to be the biggest security threat on a *nix system?
>
> It seems pretty harmless to me, given that `ls /bin` will tell me what's
> installed on a system and `nmap localhost` will tell me what ports
> are listening. About the only extra information that I can think of
> that would be revealed by `ps a` and would be potentially exploitable is
> which programs that use unix domain sockets or named pipes are running -
> and even that could be derived with `find` or any other sort of recursive
> directory search.
--
~~~~~~~~~~~~~~
Alwyn Schoeman
Prism Wireless
The Internet will destroy the barriers that are isolating people
from decent opportunities based on where they happened to have been born,
and this will be a fundamental transformation of our global society that will
greatly discomfort a lot of worthless people. Then those same worthless people
will create new barriers based on access to source code, licenses,
software permissions, etc. Sigh.
-- Hans Reiser
Reply to: