[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: limiting "ps" command on every user..

Yo can take a look at http://www.rsbac.de/. This software give you a secured
linux environment and provides a patch to the kernel (called hypersec), that
adds more security to the kernel. One option is /proc protection.

There is arround there a lot of other patches providing similiar functionality,
you only have to download the patch and apply it to the kernel.

	I've often wondered why the kernel doesn't have this feature as a compile 
	time option.  Certain other OSes allow this feature (primarily those which
	need military security ratings). 

	I don't think the wrapper idea is a very secure one, because anyone can simply 
	read the information from /proc.  What realy needs to be done is to have an
	option to the /proc filesystem kernel module (perhaps it exists now, but it
 	didn't last time I looked, so forgive me if my info is out of date).

Josep Llauradó Selvas	                darlock@tinet.org
	      Linux Registered User #153481
KeyFP: D82F 525C DD22 02C9 6909  20D6 F622 F3E8 18CD C548
The only "intuitive" interface is the nipple.
After that, it's all learned.
(in comp.os.linux.misc, on X interfaces.)

Reply to: