public inbox for linux-kernel@vger.kernel.org
From: Rene Scharfe <rene.scharfe@lsrfire.ath.cx>
To: Albert Cahalan <albert@users.sf.net>
Cc: linux-kernel mailing list <linux-kernel@vger.kernel.org>,
	Andrew Morton OSDL <akpm@osdl.org>,
	viro@parcelfarce.linux.theplanet.co.uk, pj@engr.sgi.com,
	7eggert@gmx.de
Subject: Re: [PATCH][RFC] Make /proc/<pid> chmod'able
Date: Tue, 15 Mar 2005 16:27:34 +0100
Message-ID: <4236FEE6.2020205@lsrfire.ath.cx>
In-Reply-To: <1110816803.1949.177.camel@cube>

Albert Cahalan wrote:
> Note that the admin hopefully does not normally run as root.
> The admin should be using a normal user account most of the
> time, to reduce the damage caused by his accidents.

Openwall and GrSecurity solved this by having a special group that can 
see everything, just like root.  E.g. we could add a proc.gid kernel 
boot option for that purpose.

> Even if the admin were not running as a normal user, it is
> expected that normal users can keep tabs on each other.
> The admin may be sleeping. Social pressure is important to
> prevent one user from sucking up all the memory and CPU time.

IANAL, but creating a user profile (who ran what when, used how many 
resources etc.) without the user's consent is illegal at least here in 
Germany.  As an admin I'd like to be able to prevent a user from even 
trying to spy on another user.

> Anything provided by traditional UNIX and BSD systems
> should be available. Users who want privacy can get their
> own computer. So, these need to work:
> 
> ps -ef
> ps -el
> ps -ej
> ps axu
> ps axl
> ps axj
> ps axv
> w
> top

If with "work" you mean "show info about all users" then the patch 
becomes pointless.  The programs "work" in the sense that they do *not* 
show "cloaked" processes, which is intended. :)

OK, I understand that you need to be able to turn this feature off and I 
also don't want non-root admins to suddenly go blind.  Would adding a 
proc.gid kernel parameter and an off-switch be sufficient for you?

Thanks,
Rene
