On Sun, 3 Sep 2000, Stephen F. Bosch wrote:
Never mind, I figured out my own problem. There is a kernel patch which is
applied to the Mandrake-secure kernel which implements this at the kernel
level. It also stops most stuff like buffer/stack overflows and a couple
other neat things. The patch is from openwall, www.openwall.com/linux/. I
recommend that you guys reading the list upgrade your kernel to this if
your system is multiuser. It becomes sort of irritating that any user on
the system is able to see anyone else's processes.
>
> Ellick Chan wrote:
>
> > Is there a way to make ps only show your processes when you type "ps
> > aux"? I think I had it going before, but forgot what I did. I think this
> > is useful as it disallows normal users to spy on each other by not letting
> > them see each other's running processes. If possible, it would be best to
> > change this as a system-wide policy, so that no one can override it,
> > except root, of course. What files need to be changed? I've tried turning
> > Mandrake security to level 5, paranoid, and that still doesn't enforce it.
>
> Have you tried writing a shell script called "ps" and put it in your
> path? You could try setting it SUID root and have it in directory that
> appears early in your path (before the path where the real ps is located
> -- the alternative is to rename the original ps, but that could cause
> trouble with other applications that rely on ps to function properly).
> Put "ps -fu $LOGNAME" in the script and make ps only executable by root.
>
> Or you could use an alias, but I think aliases are a little too easy to
> override.
>
> -Stephen-
>
--
Regards,
Ellick Chan
[EMAIL PROTECTED]
Sep 3
