"Jimmy Scott" <admin@inet-solutions.be> writes:
|Hello,
|
|I was wondering if it was possible to limit user access on /proc
|without having to use securelevels.
|For some reason chmod 751 /proc (or 750) does nothing.
|
|Is this possible on FreeBSD 4.9 ? Can't find anything about it in the
|manual pages. Just want to prevent lusers from running:
|
|for file in /proc/*/cmdline; do cat $file; echo; done
I usually mount procfs in a directory where only 'power-users' have
access to. Then symlink /proc to that dir, so the apps that possibly
need procfs and are being run by one of the power-users work.
|
|
|Greetz,
|
|
|Jimmy Scott
|_______________________________________________
|freebsd-security@freebsd.org mailing list
|http://lists.freebsd.org/mailman/listinfo/freebsd-security
|To unsubscribe, send any mail to
|"freebsd-security-unsubscribe@freebsd.org"
|
|
|!DSPAM:40424861309032038777972!
|
|
----
If it's there, and you can see it, it's real.
If it's not there, and you can see it, it's virtual.
If it's there, and you can't see it, it's transparent.
If it's not there, and you can't see it, you erased it.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url :
http://lists.freebsd.org/pipermail/freebsd-security/attachments/20040229/4be36053/attachment.bin