subject:"\[apparmor\] Deny other users \/proc entries"

Re: [apparmor] Deny other users /proc entries

2018-03-06 Thread azurit

Citát Arkadiusz Miśkiewicz : On Tuesday 06 of March 2018, azu...@pobox.sk wrote: Hi, i'm trying to allow users to run applications like ps or htop while seeing only their own processes. Htop, for example, needs read permission to /proc//cmdline BUT when a process changes uid

Re: [apparmor] Deny other users /proc entries

2018-03-06 Thread Arkadiusz Miśkiewicz

On Tuesday 06 of March 2018, azu...@pobox.sk wrote: > Hi, > > i'm trying to allow users to run applications like ps or htop while > seeing only their own processes. Htop, for example, needs read > permission to /proc//cmdline BUT when a process changes uid from > root to user, this happens: > -

[apparmor] Deny other users /proc entries

2018-03-06 Thread azurit

Hi, i'm trying to allow users to run applications like ps or htop while seeing only their own processes. Htop, for example, needs read permission to /proc//cmdline BUT when a process changes uid from root to user, this happens: - directory /proc// is correctly owned by user - file