Difference between revisions of "Hardening /proc Hide Processes from other Users"
Jump to navigation
Jump to search
| Line 20: | Line 20: | ||
| − | At | + | At Raspian OS (raspberry pi)is a Workaround useful: |
create a Script /home/pi/mount-proc.sh | create a Script /home/pi/mount-proc.sh | ||
insert: | insert: | ||
Latest revision as of 13:34, 7 July 2017
To prevent access to view Processes of other Users edit:
$sudo nano /etc/fstab
Insert:
proc /proc proc defaults,hidepid=2,relatime 0 0 #relatime raspian
Run on console changes without reboot needed:
mount -o remount,rw,hidepid=2,relatime /proc
Test:
$top $htop $ps ax
Should only view own jobs!
At Raspian OS (raspberry pi)is a Workaround useful:
create a Script /home/pi/mount-proc.sh
insert:
#!/bin/bash mount -o remount,rw,relatime,nosuid,noexec,nodev,hidepid=2 /proc exit
and insert /home/pi/mount-proc.sh into root crontab to run on boot:
@reboot sh /home/pi/mount-proc.sh > /dev/null 2>&1