From: sdw@lig.net (Stephen D. Williams)
To: vznuri@netcom.com (Vladimir Z. Nuri)
Message Hash: 73df07a0798b9819f40f95244040f0152408e527860de42797b4ae95f0c6db57
Message ID: <m0qlQY0-0009z3C@sdwsys>
Reply To: <199409160307.UAA29221@netcom6.netcom.com>
UTC Datetime: 1994-09-16 03:38:11 UTC
Raw Date: Thu, 15 Sep 94 20:38:11 PDT
Subject: Re: privacy in Unix environment
>
> Hello everyone, here is a question well suited for the c'punks.
> I'm looking for some kind of utility that will allow script files
> to be run, to spawn off processes, but will wipe out environment
> and "ps" info from being read. i.e. imagine that the commands
> being called must shield their arguments and environment from
> the "ps" command run on a system. the ideal program would let
> me run csh scripts but make all the unix commands called
> (sort, grep, whatever) invisible to other users on my local
> system.
>
> can it be done?
Sure:
1) rewrite ps. Since it's setuid for kmem versions, no one else should be
able to use a real one.
2) rewrite device driver for /proc/ps versions.
You could argue that in some situations, users should only see their own
processes (very few situations).
> note: I am aware of the trick of using symbolic links to hide
> command names.
>
> tx.
> bye
>
>
--
Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APager
LIG dev./sales Internet: sdw@lig.net In Bay Area Aug94-Feb95!!!
OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Newbie Notice:
I speak for LIGCo., CCI, myself, and no one else, regardless of
where it is convenient to post from or thru.
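
Added example (not part of the original message, and not written by either correspondent): on Linux, restricting what /proc shows to other users is available as the procfs `hidepid` mount option, which the 1994 thread does not mention. The Python code below parses /proc/mounts-style text and reports whether other unprivileged users can read process arguments; the function names and the sample mount lines are constructed for illustration.

```python
# Added example, not from the 1994 message. `hidepid` and `gid` are Linux
# procfs mount options; the sample mount lines below are constructed.
HIDEPID = {"0": "off", "off": "off", "1": "noaccess", "noaccess": "noaccess",
           "2": "invisible", "invisible": "invisible",
           "4": "ptraceable", "ptraceable": "ptraceable"}

SAMPLE_DEFAULT = "proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0\n"
SAMPLE_HARDENED = ("sysfs /sys sysfs rw,nosuid,nodev,noexec 0 0\n"
                   "proc /proc proc rw,relatime,hidepid=invisible,gid=27 0 0\n")
SAMPLE_NUMERIC = "proc /proc proc rw,relatime,hidepid=2 0 0\n"


def proc_visibility(mounts_text):
    """Return hidepid level and exempt gid of the /proc mount, or None."""
    result = None
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[1] != "/proc" or fields[2] != "proc":
            continue
        opts = dict(o.partition("=")[::2] for o in fields[3].split(","))
        result = {"hidepid": HIDEPID.get(opts.get("hidepid", "0"), "unknown"),
                  "exempt_gid": opts.get("gid")}  # last /proc mount wins
    return result


def args_exposed(mounts_text):
    """True if other unprivileged users can read /proc/<pid>/cmdline."""
    info = proc_visibility(mounts_text)
    if info is None:
        raise ValueError("no procfs mounted on /proc in the given text")
    # "off" is the kernel default; an unrecognised value is treated as exposed.
    return info["hidepid"] in ("off", "unknown")


if __name__ == "__main__":
    for name, text in [("default", SAMPLE_DEFAULT), ("hardened", SAMPLE_HARDENED)]:
        print(name, proc_visibility(text), "args exposed:", args_exposed(text))
    try:
        with open("/proc/mounts") as fh:  # live check, Linux only
            print("this host: args exposed:", args_exposed(fh.read()))
    except (OSError, ValueError) as exc:
        print("live check skipped:", exc)
```

On Linux, /proc/<pid>/environ is already readable only by the process owner, so it is the command-line arguments that a default /proc mount leaves visible to every local user.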