Hardening /proc: Hide Processes from Other Users

From wiki.linuxonlinehelp.de

To prevent users from viewing the processes of other users, edit /etc/fstab:

$ sudo nano /etc/fstab


proc    /proc    proc    defaults,hidepid=2,relatime     0     0  #relatime Raspbian

To apply the change without a reboot, run as root on the console:

mount -o remount,rw,hidepid=2,relatime /proc


$ ps ax

Run as a non-root user, this should now list only your own processes.

On Raspbian (Raspberry Pi) a workaround is useful: create a script /home/pi/mount-proc.sh containing:

mount -o remount,rw,relatime,nosuid,noexec,nodev,hidepid=2 /proc

and add /home/pi/mount-proc.sh to root's crontab so it runs at boot (the script then runs as root, so it should not be writable by unprivileged users):

@reboot  sh /home/pi/mount-proc.sh > /dev/null 2>&1
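
A check for the setting described above, as an added example that is not part of the original wiki page: it reads the hidepid option of the /proc entry from an fstab- or /proc/mounts-format file and reports whether other users' processes are hidden. The function names and the sample input are constructed for illustration.

```sh
#!/bin/sh
# Added example: report the hidepid setting of /proc from a mount table.

# hidepid_of FILE: print the hidepid value of the /proc entry in an fstab- or
# /proc/mounts-format file. Prints 0 (the kernel default) when the option is
# absent and nothing when FILE has no proc entry for /proc.
hidepid_of() {
    awk '
        $1 ~ /^#/ { next }                    # skip comment lines
        $2 == "/proc" && $3 == "proc" {
            val = "0"
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++)
                if (opts[i] ~ /^hidepid=/) val = substr(opts[i], 9)
            last = val                        # a later entry overrides an earlier one
        }
        END { if (last != "") print last }
    ' "$1"
}

# hides_others VALUE: succeed only for the level this page configures.
# Kernels 5.8 and later print hidepid=2 as hidepid=invisible in /proc/mounts.
hides_others() {
    case "$1" in
        2|invisible) return 0 ;;
        *) return 1 ;;
    esac
}

# check_file FILE: print a one-line verdict; return 0 only if hardened.
check_file() {
    v=$(hidepid_of "$1")
    if hides_others "$v"; then
        echo "OK   $1: hidepid=$v"
    else
        echo "WEAK $1: hidepid=${v:-<no /proc entry>}"
        return 1
    fi
}

# Constructed sample input: the fstab line from this page in a temp file.
sample=$(mktemp)
printf '%s\n' '# constructed sample' \
    'proc /proc proc defaults,hidepid=2,relatime 0 0' > "$sample"
check_file "$sample"
rm -f "$sample"
# On a real host: check_file /etc/fstab; check_file /proc/mounts
```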