How To Hide Processes From Other Users In Linux
Supports RHEL 6.
You can now hide processes from other users so that only root and the user who owns a process can see it. All you have to do is remount the proc filesystem with the Linux kernel hardening option hidepid. The hidepid option defines how much information about a process is available to all users. The values are as follows:
1. hidepid=0 - The old behavior: anybody may read all world-readable /proc/PID/* files (default).
2. hidepid=1 - Users may not access any /proc/PID/ directories but their own. Sensitive files like cmdline, sched*, status are now protected against other users.
3. hidepid=2 - hidepid=1 plus all /proc/PID/ will be invisible to other users. It complicates an intruder's task of gathering info about running processes: whether some daemon runs with elevated privileges, whether another user runs some sensitive program, whether other users run any program at all, etc.
So here is how to remount proc with the hidepid option:
mount -o remount,rw,hidepid=2 /proc
To permanently add this rule you need to add it to your fstab.
vi /etc/fstab
Add the hidepid=* option to your proc mount rule:
proc /proc proc defaults,hidepid=2 0 0
That's it, the rule is now permanently added and will persist on reboot.
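To confirm that both steps took effect, the following added example (not from the original page) reads the hidepid level from the running /proc mount and from fstab and flags any mismatch between them. The function names hidepid_of and verdict are hypothetical, the sample lines are constructed, and the mapping of option names used by kernels 5.8 and later goes beyond the numeric values the page lists.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# Read mounts- or fstab-format lines on stdin and print the hidepid level
# of the /proc entry: 0, 1 or 2, or "none" when there is no proc entry.
hidepid_of() {
    awk '
        /^[ \t]*#/ { next }                       # skip fstab comments
        $2 == "/proc" && $3 == "proc" {
            val = "0"                             # option absent = default
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++)
                if (opt[i] ~ /^hidepid=/) val = substr(opt[i], 9)
            # Kernels 5.8 and later print names instead of numbers.
            if (val == "off")       val = "0"
            if (val == "noaccess")  val = "1"
            if (val == "invisible") val = "2"
        }
        END { print (val == "" ? "none" : val) }
    '
}

# verdict LIVE BOOT: one-line result; returns 0 only if both are 2.
verdict() {
    live=$1 boot=$2
    if [ "$live" = 2 ] && [ "$boot" = 2 ]; then
        echo "OK: hidepid=2 is active and persistent"
    elif [ "$live" = 2 ]; then
        echo "DRIFT: active now, fstab says $boot (lost on reboot)"
        return 1
    elif [ "$boot" = 2 ]; then
        echo "DRIFT: fstab says 2, running /proc says $live (remount needed)"
        return 1
    else
        echo "NOT SET: live=$live fstab=$boot"
        return 1
    fi
}

# Constructed sample: /proc remounted by hand, fstab left at its default.
sample_live='proc /proc proc rw,nosuid,nodev,noexec,relatime,hidepid=2 0 0'
sample_fstab='proc /proc proc defaults 0 0'
verdict "$(printf '%s\n' "$sample_live" | hidepid_of)" \
        "$(printf '%s\n' "$sample_fstab" | hidepid_of)" || true
# On a real host:
#   verdict "$(hidepid_of </proc/mounts)" "$(hidepid_of </etc/fstab)"
```

The constructed sample prints the DRIFT verdict, which is the state a host is in after the remount command but before the fstab edit.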