Find the answer to your Linux question:
Results 1 to 4 of 4
I recently installed a new copy of Mandrake 9.2 and set the security level to 4 (Higher). I noticed when I started creating users that people could not view the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2004
    Posts
    2

    Prevent users from viewing other user processes?


    I recently installed a new copy of Mandrake 9.2 and set the security level to 4 (Higher). I noticed when I started creating users that people could not view the process list because the /proc dir was chmoded 550 with root owner/group.

    If I allow access to the proc, that means they can see all processes. I don't want that. I tried making a small program to prevent `ps -a` or `ps -U root`, but it doesn't work because it has to call the original PS at some point.

    Is there a simple way to limit users to only viewing their processes? Or, if not, change it so that when a process is created, it is owned by that user and group and chmodded to 550?

    (If anyone cares... ps1 and ps2 tests:
    http://brajah.com/ps.txt )

    Thanks in advance for taking a look at my problem.
    Jack
    root at brajah.com
    Aim: Greenday8514
    MSN: same as email.

  2. #2
    Linux Guru
    Join Date
    Mar 2003
    Location
    Wisconsin
    Posts
    1,907
    I think you should be able to do something like

    Code:
    ps --User Jack
    From:

    http://linux.about.com/library/cmd/blcmdl1_ps.htm

    Hope that helps,
    Jeremy
    Registered Linux user #346571
    "All The Dude ever wanted was his rug back" - The Dude

  3. #3
    Just Joined!
    Join Date
    Aug 2004
    Posts
    2
    That would work, however, they would still be able to change it, if it were an alias.
    I was thinking more along the lines of forcing them to only look at their processes, but there's no file that root can own that dictates ps defaults.

    Thanks though,
    Jack

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Guru
    Join Date
    Mar 2003
    Location
    Wisconsin
    Posts
    1,907
    You could create a script that will disregard all ps switches and only display the user.

    Jeremy
    Registered Linux user #346571
    "All The Dude ever wanted was his rug back" - The Dude

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •