Hardening /proc Hide Processes from other Users

From wiki.linuxonlinehelp.eu
Revision as of 13:34, 7 July 2017 by Author (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

To prevent access to view Processes of other Users edit: 

$sudo nano /etc/fstab

Insert: 

proc    /proc    proc    defaults,hidepid=2,relatime     0     0  #relatime raspian

Run on console changes without reboot needed: 

mount -o remount,rw,hidepid=2,relatime /proc

Test: 

$top
$htop
$ps ax

Should only view own jobs!


At Raspian OS (raspberry pi)is a Workaround useful: create a Script /home/pi/mount-proc.sh insert: 

#!/bin/bash
mount -o remount,rw,relatime,nosuid,noexec,nodev,hidepid=2 /proc
exit

and insert /home/pi/mount-proc.sh into root crontab to run on boot: 

@reboot  sh /home/pi/mount-proc.sh > /dev/null 2>&1
Retrieved from "https://wiki.linuxonlinehelp.eu//index.php?title=Hardening_/proc_Hide_Processes_from_other_Users&oldid=331"