DragonFlyBSD hide processes not owned by current user

By default, a user can see information about processes, which are not owned by him. There are alot of articles, defining that as a security hole. In FreeBSD there are alot of giudes, describing how to do that.

That is how you can do it in DragonFlyBSD:

[root@jijo.tangra][~]# sysctl security.ps_showallthreads=0
security.ps_showallthreads: 1 -> 0
[root@jijo.tangra][~]# sysctl security.ps_showallprocs=0
security.ps_showallprocs: 1 -> 0

If you want to make those changes permanent, eg to be executed on next boot, you have to define them in /etc/sysctl.conf

[root@jijo.tangra][~]# echo 'security.ps_showallthreads=0' >> /etc/sysctl.conf
[root@jijo.tangra][~]# echo 'security.ps_showallprocs=0' >> /etc/sysctl.conf
Сподели с приятел: Сподели в Twitter