Difference between revisions of "Hardening /proc Hide Processes from other Users"
Jump to navigation
Jump to search
(Created page with "To prevent access to view Processes of other Users edit: <pre> $sudo nano /etc/fstab </pre> Insert: <pre> proc /proc proc defaults,hidepid=2,relatime 0 0 #re...") |
|||
| (2 intermediate revisions by the same user not shown) | |||
| Line 17: | Line 17: | ||
$ps ax | $ps ax | ||
</pre> | </pre> | ||
| − | Should only view own jobs | + | Should only view own jobs! |
| + | |||
| + | |||
| + | At Raspian OS (raspberry pi)is a Workaround useful: | ||
| + | create a Script /home/pi/mount-proc.sh | ||
| + | insert: | ||
| + | <pre> | ||
| + | #!/bin/bash | ||
| + | mount -o remount,rw,relatime,nosuid,noexec,nodev,hidepid=2 /proc | ||
| + | exit | ||
| + | </pre> | ||
| + | and insert /home/pi/mount-proc.sh into root crontab to run on boot: | ||
| + | <pre> | ||
| + | @reboot sh /home/pi/mount-proc.sh > /dev/null 2>&1 | ||
| + | </pre> | ||
Latest revision as of 13:34, 7 July 2017
To prevent access to view Processes of other Users edit:
$sudo nano /etc/fstab
Insert:
proc /proc proc defaults,hidepid=2,relatime 0 0 #relatime raspian
Run on console changes without reboot needed:
mount -o remount,rw,hidepid=2,relatime /proc
Test:
$top $htop $ps ax
Should only view own jobs!
At Raspian OS (raspberry pi)is a Workaround useful:
create a Script /home/pi/mount-proc.sh
insert:
#!/bin/bash mount -o remount,rw,relatime,nosuid,noexec,nodev,hidepid=2 /proc exit
and insert /home/pi/mount-proc.sh into root crontab to run on boot:
@reboot sh /home/pi/mount-proc.sh > /dev/null 2>&1