Re: limiting "ps" command on every user..

To: john.darrington@ot.com.au
Cc: debian-user@lists.debian.org
Subject: Re: limiting "ps" command on every user..
From: Josep Llauradó Selvas <darlock@tinet.org>
Date: Tue, 3 Jul 2001 13:28:36 +0200 (CEST)
Message-id: <[🔎] Pine.LNX.4.21.0107031313020.18076-100000@darlock.activa-online.int>

Yo can take a look at http://www.rsbac.de/. This software give you a secured
linux environment and provides a patch to the kernel (called hypersec), that
adds more security to the kernel. One option is /proc protection.

There is arround there a lot of other patches providing similiar functionality,
you only have to download the patch and apply it to the kernel.

	I've often wondered why the kernel doesn't have this feature as a compile 
	time option.  Certain other OSes allow this feature (primarily those which
	need military security ratings). 

	I don't think the wrapper idea is a very secure one, because anyone can simply 
	read the information from /proc.  What realy needs to be done is to have an
	option to the /proc filesystem kernel module (perhaps it exists now, but it
 	didn't last time I looked, so forgive me if my info is out of date).


_________________________________________________________
Josep Llauradó Selvas	                darlock@tinet.org
	      Linux Registered User #153481
KeyFP: D82F 525C DD22 02C9 6909  20D6 F622 F3E8 18CD C548
The only "intuitive" interface is the nipple.
After that, it's all learned.
(in comp.os.linux.misc, on X interfaces.)
_________________________________________________________

Reply to:

Prev by Date: apt-get upgrade problem
Next by Date: two keymaps for two kernels
Previous by thread: RE: limiting "ps" command on every user..
Next by thread: Ximian-Gnome/Sawfish Configuration and ESD
Index(es):
- Date
- Thread