tallation and setup there is no problem when normal
> users can get information out of procfs.
> Especially disabling netstat with procfs is not the best idea. There are
> possibilities to get much information without procfs. In my thoughts are
> utilities like nmap.
>
>
> --
a correct installation and setup there is no problem when normal
users can get information out of procfs.
Especially disabling netstat with procfs is not the best idea. There are
possibilities to get much information without procfs. In my thoughts are
utilities like nmap.
Brian McGroarty <[EMAIL PROTECTED]> writes:
> So far as I can tell, there's no non-hackish way to accomplish what
> I'd like. I have to either hold a file open to make chmod changes stay
> in effect in /proc, or I have to patch the kernel.
>
> This sure seems kind of silly... why add all these thi
On Mon, Apr 21, 2003 at 01:53:48AM +0200, Cristian Ionescu-Idbohrn wrote:
> On Sun, 20 Apr 2003, Brian McGroarty wrote:
>
> > I'd like to disable netstat and similar programs for my shell
> > users.
>
> Could this be an alternative solution?
>
> # dpkg-statoverride --update --add root root 700 /
On Sun, 20 Apr 2003, Brian McGroarty wrote:
> I'd like to disable netstat and similar programs for my shell
> users.
Could this be an alternative solution?
# dpkg-statoverride --update --add root root 700 /bin/netstat
Cheers,
Cristian
On Sun, 2003-04-20 at 09:06, Brian McGroarty wrote:
> Is there a way to chmod away just parts of /proc?
You should be able to use grsecurity to limit access to the file or dir.
--
---
| Eddie J Schwartz <[EMAIL PROTECTED]> http://www.m00
ntial tools for the users.
>
>
> Is there a way to chmod away just parts of /proc?
>
>
> Or is there a more conventional approach to disabling netstat and
> related /proc info for unprivileged users?
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL P
rs.
Is there a way to chmod away just parts of /proc?
Or is there a more conventional approach to disabling netstat and
related /proc info for unprivileged users?
8 matches
Mail list logo
