On 04/04/2016 11:22 AM, Rainer Weikusat wrote:
> Boruch Baum <[email protected]> writes:
>> Please consider setting the default /etc/fstab to include:
>>
>> proc /proc proc defaults,hidepid=2
>>
>> This has the effect of keeping the specific activities, process
>> ids, command lines and parameters of a user from other users.
>
> If you think that's useful to you, why don't you just use it.

I do.

> It's not useful to me[*] and - IMHO - generally useless on any system
> where more than one user with privileged access works on
> cooperative projects.

My understanding is that the intention of the design of the UNIX
architecture in such cases is to have members of a 'project' be
assigned a similar 'group' to allow mutual 'group' access.

> [*] "Everyday real-world example": One of the things I'm dealing with
> is a proprietary racoon fork part of a VPN product for mobiles
> (hefty simplification). I usually don't work on code as root but in
> case I need to run a debugging session, I have to run the debugger as
> root as it will need to be able to control a privileged process,
> namely, the IKE daemon. Being prevented from seeing my own processes
> via ps because they happen to be running with elevated privileges
> would at least be a nuisance.

You're trying to make a case for lowering system security using an
example of a project meant to raise system security. It seems to me, as
an outsider to your case, that you would be compromising your IPsec
efforts with the large and elementary security hole you're willing to
make - to allow any one / any process to see every other.

Another approach I've seen in some Linux distributions intended for
security / forensic research and testing is to expect the user to
always be running as root (Kali Linux comes to mind in that regard).

As a security-conscious person, you seem to be advocating a default of
lack-of-security, where the universal set of Devuan users would have to
a] be aware of the vulnerability, and b] take a positive action to
opt-in to be secure. My position is that this is a basic security
precaution that should be opt-out, not opt-in. Most users won't notice,
except possibly for lack of clutter in their htop / ps -aux output.
More sophisticated users with a specific need like yours can make the
judgment call, as masters of their own destiny, to drop the feature (or
set up some other access control regimen).

Finally, in the case you mentioned, I'm not certain I understand what
you mean when you say you would be "prevented from seeing my own
processes via ps because they happen to be running with elevated
privileges" - you said earlier that you run the debugger as root, and
as root you would be seeing ALL processes. If you're not running as
root, you would still be seeing all the other processes of your shared
group.

-- 
hkp://keys.gnupg.net
CA45 09B5 5351 7C11 A9D1 7286 0036 9E45 1595 8BC0
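
A check for the setting discussed in this thread, as an added example that is not part of either poster's message: it parses an fstab- or /proc/mounts-style table and reports whether /proc is mounted with hidepid=2. The function names and the sample tables are constructed for illustration.

```shell
#!/bin/sh
# Added example: report the hidepid setting of the /proc mount from an
# fstab- or /proc/mounts-style table (fields: device mountpoint type options).

# Print the hidepid value for the /proc mount in table file $1.
# Prints "0" when proc is listed without hidepid (the kernel default),
# and "absent" when the table has no proc entry at all.
proc_hidepid() {
    awk '
        /^[[:space:]]*#/ { next }                # skip fstab comments
        $2 == "/proc" && $3 == "proc" {
            found = 1; val = "0"
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++)
                if (opts[i] ~ /^hidepid=/) val = substr(opts[i], 9)
        }
        END { print (found ? val : "absent") }
    ' "$1"
}

# Exit status 0 only if other users' /proc/<pid> entries are hidden
# (hidepid=2; newer kernels also report this level as "invisible").
proc_is_hidden() {
    case "$(proc_hidepid "$1")" in
        2|invisible) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample tables (not from the original thread).
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
printf '%s\n' '# <fs> <mount> <type> <options>' \
    'proc /proc proc defaults,hidepid=2 0 0' > "$sample_dir/fstab.hardened"
printf '%s\n' 'proc /proc proc defaults 0 0' > "$sample_dir/fstab.default"

for f in "$sample_dir"/fstab.*; do
    if proc_is_hidden "$f"; then state="hidden from other users"
    else state="visible to all users"; fi
    echo "$(basename "$f"): hidepid=$(proc_hidepid "$f") -> $state"
done
# On a live system, check what is actually mounted: proc_is_hidden /proc/mounts
```

An fstab entry only takes effect once /proc is mounted or remounted with it, so the table to audit on a running system is /proc/mounts rather than /etc/fstab.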
