ps -aux

[w1nn3r]

Hello,

I administer a small webserver that also allows helpdesk agents to login to, I want to secure it so that the agents dont see all processes when they do ps -aux..only thiers. It seems like a pretty petty thing, But i simply want them to not have access to view other users processes. The server runs redhat 7.2 with the default kernel. any suggestions would be greatly appreciated.

 

[bjverzal]

By definition, doesn't "-a" mean "all processes" ?

Bill.

 

[pcunix]

I'd put in a new ps script ahead of /bin/ps in $PATH that checks whether or the user was root and deletes whatever flags you don't want them to have.

To keep this from inquiring minds you'd need to make it a binary rather than a script unless your user base is really clueless. To be more foolproof, you'd need to replace /bin/ps with your own binary, but I'd be very careful with that..

It's not perfect, but it will stop unsophisticated users.

The other way you might be able to do this is by messing with erms in /proc- perhaps put all your users in a group that specifically does not have permission- but even then you'd have to do something with a seruid front-end so that you could give them what you do want them to have.


Tony Lawrence
SCO Unix/Linux Resources

http://pcunix.com

tony@pcunix.com