Controling which processes can run

exnt · 09-13-2006, 12:03 PM

Hi All,

First post so be gentle

I am looking for a piece of code that will allow me to allow/deny run priviledges for processes.
Basically I have a bunch of machines that do specific tasks and I ONLY want these certain processes to run. When a process request CPU time I would like to filter it against a allow/deny list first. Once I have a known good list on a box I want to deny any other processes from running.

hope this makes sense.

cheers,
exnt

unSpawn · 09-13-2006, 01:07 PM

Hello and welcome to LQ, hope you like it here.

I am looking for a piece of code that will allow me to allow/deny run priviledges for processes.
Processes are launched by users. Do you have or expect the boxen to have users that will (try and) launch stuff you don't want to run? If for instance you would have a box whose purpose is shellserver you could add the GRSecurity kernel patch. It can forbid users to launch apps outside the $PATH, deny any socket interaction (client *and* server), etc, etc. My http://www.linuxquestions.org/linux/...larm_for_Linux contains more hints like Systrace.

Any questions: just ask.

exnt · 09-13-2006, 01:52 PM

Thanks very much, I will look into the GRSecurity kernel patch.

The machines I am concerned about do not allow user to log on. They are mainly WEB and/or MAIL servers. I already know which prosesses SHOULD be running/allowed to run; I want to know if anything ELSE runs or tries to run, so I can investigate.

exnt