help

kzumba · 09-18-2004, 08:38 PM

hello I have question the question is

how can I trun off access to normal shell users

ex
when user A logs in his shell and you type ps -aux you can see everything thats running on the system on there how can I dissallow ps -aux for user A and long with w who and a few other ones. but the most important is ps -aux

cyberliche · 09-18-2004, 09:02 PM

Well you could change the permissions on ps so no one but root could execute it, but this might possibly break something that calls ps (I can't think of anything off the top of my head that does tho).

Why would you need to disallow access to ps , w, and who? The only thing I can think of is for something malicous.

kzumba · 09-18-2004, 09:11 PM

well so no eyes can see whos online and also so no normal user cant see whats running on the box

thats the only resaon i have that crazy idea

cyberliche · 09-18-2004, 09:16 PM

Honestly, if your that worried about having your users know whats running and who else is online, I would seriously consider not giving those users a login shell.

Capt_Caveman · 09-19-2004, 08:49 AM

You can also try putting users in a chroot jail or using the grsecurity patch. Both have the ability to prevent users from seeing each others proceses as well as other nice security-related features.