Ivan Tomica

Hide other users processes on Linux

By default proc is mounted in a way that allows inspection of other users processes by any account on the system. This can be a security risk if attacker gets hold of one of the accounts on the machine as it can freely inspect processes and gather information that it perhaps shouldn’t have.

In order to restrict access we can add hidepid mount option to /etc/fstab:

proc        /proc   proc    defaults,hidepid=2    0 0

To re-mount current /proc you can use:

mount -o remount,rw,hidepid=2 /proc

But what if you need to allow specific users to access all PIDs on the system? A-ha! There’s also gid mount option which allows users that are members of this group to access all PIDs. Receives numerical group ID or simply a group name as its argument. For example:

gid=sudo
About 
Sysadmin on the everlasting journey of learning. Always in search for an opportunity to prove myself and to learn something new. My addiction is learning and my main goal is to excel in every aspect of Linux/Unix system administration.

0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *