prohibit other user "top" my commands
in [Linux Help]
|
Prev: Puppy Linux 4.3.1
Next: Who knows routers?
From: ela on 17 Nov 2009 20:01 every users can top and therefore know each other running what jobs with exact parameters and outputs. How to hide one's command from top?
From: Lew Pitcher on 17 Nov 2009 20:03 On November 17, 2009 20:01, in alt.os.linux, ela (ela(a)yantai.org) wrote: > every users can top and therefore know each other running what jobs with > exact parameters and outputs. Yes? So? > How to hide one's command from top? In short, you can't If you have secret information, you /cannot/ put it into a commandline and expect it to remain secret. Sorry. If you want it to remain secret, pass it through an environment variable, or have the process read it from a file. -- Lew Pitcher Master Codewright & JOAT-in-training | Registered Linux User #112576 Me: http://pitcher.digitalfreehold.ca/ | Just Linux: http://justlinux.ca/ ---------- Slackware - Because I know what I'm doing. ------
From: Jim Diamond on 17 Nov 2009 21:26 On 2009-11-17 at 21:03 AST, Lew Pitcher <lpitcher(a)teksavvy.com> wrote: > On November 17, 2009 20:01, in alt.os.linux, ela (ela(a)yantai.org) wrote: > >> every users can top and therefore know each other running what jobs with >> exact parameters and outputs. > > Yes? So? > >> How to hide one's command from top? > > In short, you can't > > If you have secret information, you /cannot/ put it into a commandline and > expect it to remain secret. Sorry. > If you want it to remain secret, pass it through an environment variable, As it turns out, that isn't true. Try the ironically-named option 'ewwwww' to ps: ps ewwwww Lo and behold, the environment of the command. Cheers. Jim
From: ela on 17 Nov 2009 22:08 "Black Dragon" <bd(a)nomail.invalid> wrote > Switch to FreeBSD. Such things can be tuned with `sysctl`. Example: > > /etc/sysctl.conf > > ------------------------------------------------------------------- > > # $FreeBSD: src/etc/sysctl.conf,v 1.8 2003/03/13 18:43:50 mux Exp $ > # > # This file is read when going to multi-user and its contents piped thru > # ``sysctl'' to adjust kernel values. ``man 5 sysctl.conf'' for details. > # > > # Uncomment this to prevent users from seeing information about processes > that > # are being run under another UID. > #security.bsd.see_other_uids=0 This is the best choice, yet centos having the same file under /etc, but no such feature enabled! >.<
From: Florian Diesch on 18 Nov 2009 06:10
"ela" <ela(a)yantai.org> writes: > every users can top and therefore know each other running what jobs with > exact parameters and outputs. How to hide one's command from top? AFAIK that can be done with Grsecurity's /proc protection Florian -- <http://www.florian-diesch.de/software/shell-scripts/> |