[LUG.ro] Ocultar procesos a tereros usuarios
:: Diego D'Angelo ::
lugro@lugro.org.ar
Fri, 2 Sep 2005 17:33:49 -0300
el parche grsecurity tocaba algo al respecto
sacado de http://www.grsecurity.org/
grsecurity is an innovative approach to security utilizing a multi-layered
detection, prevention, and containment model. It is licensed under the GPL.
It offers among many other features:
An intelligent and robust Role-Based Access Control (RBAC) system that can
generate least privilege policies for your entire system with no configuration
Change root (chroot) hardening
/tmp race prevention
Extensive auditing
Prevention of entire classes of exploits related to address space bugs (from the
PaX project)
Additional randomness in the TCP/IP stack
"A restriction that allows a user to only view his/her processes"
Every security alert or audit contains the IP address of the person that caused
the event
saludos
> Holas... en FreeBSD colocando esto en /etc/sysctl.conf
>
> security.bsd.see_other_gids=0
> security.bsd.see_other_uids=0
>
> o con...
>
> sysctl security.bsd.see_other_gids=0
> sysctl security.bsd.see_other_uids=0
>
> Se puede evitar que un usuario visualice los procesos de otros a menos que
> tenga privilegios de root... en Linux... existe algo parecido...?
> Saludos Horacio.