Hide process information for other users

vpsfreecz / vpsadminos

Host for Linux system containers based on NixOS, ZFS and LXC

https://vpsadminos.org

MIT License

163 stars 28 forks source link

Hide process information for other users #16

Closed ToKe79 closed 6 years ago

ToKe79 commented 6 years ago

Adding

proc /proc proc defaults,hidepid=2 0 0

to /etc/fstab should hide foreign processes from unprivileged users. Currently does not work.

From IRC:

<aither> vudiq: udelej na ten hidepid pls issue u vpsadminos, aktualne to blokuje apparmor

aither64 commented 6 years ago

451bc27a5164f8862a617e9ee19ad1393808361c allows the remount, so mount -oremount,hidepid=2 /proc now works. If it does not, restart the VPS and try again.

What I haven't been able to figure out is /etc/fstab. /proc is already mounted when your init starts, so all you can do is remount it, but I'm not sure if it can be done using fstab.