[prev in list] [next in list] [prev in thread] [next in thread] 

List:       netbsd-users
Subject:    Re: how to
From:       Wojciech Puchar <wojtek () tensor ! 3miasto ! net>
Date:       2003-11-28 20:25:59
[Download RAW message or body]

>
> Wojciech Puchar wrote:
>
> > turn off viewing not owned processes for regular users?
>
> Do you mean "only view processes owned by the user executing the command"?
> This will have to be done in the kernel, in sys/kern/kern_sysctl.c at the
> sysctl_doeproc function.

thank you.

>
> > possibility to turn off netstat, sysstat and similar commands will be nice
> > too.
> >
> > the best would be to prevent user from getting any system-wide information
> > other than needed.
>
> Some programs just read from kmem, others use sysctl() to do the work.

this with kmem are solved by desuiding them - done.

> Having some global system of restricting access might be nice.  Feel
> free to do an audit :-)
>
will look at it..
[prev in list] [next in list] [prev in thread] [next in thread]