[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Making ps secure



The "restricted /proc" implementation in the Linux kernel patch from the
Openwall Project will make "ps" only show the processes of the user
(unless you are root, in the special group). This patch can be found
here:

www.openwall.com

Thanks. -D

--
Derrick Lewis    	              
Assistant Site Manager                         LinuxSecurity.com
(917) 681-1876                   "The Linux Community's Center for Security."
dlewis@linuxsecurity.com               http://www.linuxsecurity.com

On 19 Nov 2002, David Blomberg wrote:

> Same thing makers of rootkits do change the way the apps operate (just
> program in some sanity check prior to execution) alternatively make
> aliases to the commands so that ps -auxf behaves like ps
> 
> On Tue, 2002-11-19 at 15:17, Steven Adams wrote:
> > Hi,
> >     I am running slackware linux and i notice that on freebsd and some other
> > distros when u type ps auxf it only outputs the processes your running and
> > not anyone else..
> > 
> > I was wondering how they made it do this..
> > 
> > Ive also noticed that in a users home dir .bash_history is owned by the
> > user.. But if the user trys to remove it or chmod it to a diferent setting
> > it says operation not permitted.
> > 
> > Ive also seen this before
> > When someone trys a normal ping.
> > 
> > ping: socket: Operation not permitted
> > 
> > How are theses things done and is there a site thats tells u in detail on
> > how to make your system secure
> > 
> > /Steve
> > 
> > ------------------------------------------------------------------------
> >      To unsubscribe email security-discuss-request@linuxsecurity.com
> >          with "unsubscribe" in the subject of the message.
> -- 
> David Blomberg <dblomber@libertec.com>
> Nihon Libertec
> ------------------------------------------------------------------------
>      To unsubscribe email security-discuss-request@linuxsecurity.com
>          with "unsubscribe" in the subject of the message.
> 

------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.


[Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Video for Linux]     [Bugtraq]     [USB]     [Fedora Security]

Add to Google Powered by Linux