1994-09-16 - Re: privacy in Unix environment

Header Data

From: sdw@lig.net (Stephen D. Williams)
To: vznuri@netcom.com (Vladimir Z. Nuri)
Message Hash: 73df07a0798b9819f40f95244040f0152408e527860de42797b4ae95f0c6db57
Message ID: <m0qlQY0-0009z3C@sdwsys>
Reply To: <199409160307.UAA29221@netcom6.netcom.com>
UTC Datetime: 1994-09-16 03:38:11 UTC
Raw Date: Thu, 15 Sep 94 20:38:11 PDT

Raw message

From: sdw@lig.net (Stephen D. Williams)
Date: Thu, 15 Sep 94 20:38:11 PDT
To: vznuri@netcom.com (Vladimir Z. Nuri)
Subject: Re: privacy in Unix environment
In-Reply-To: <199409160307.UAA29221@netcom6.netcom.com>
Message-ID: <m0qlQY0-0009z3C@sdwsys>
MIME-Version: 1.0
Content-Type: text/plain


> 
> Hello everyone, here is a question well suited for the c'punks.
> I'm looking for some kind of utility that will allow script files
> to be run, to spawn off processes, but will wipe out environment
> and "ps" info from being read. i.e. imagine that the commands
> being called must shield their arguments and environment from
> the "ps" command run on a system. the ideal program would let
> me run csh scripts but make all the unix commands called
> (sort, grep, whatever) invisible to other users on my local
> system.
> 
> can it be done?

Sure:

1) rewrite ps.  Since it's setuid for kmem versions, no one else should be
   able to use a real one.
2) rewrite device driver for /proc/ps versions.

You could argue that in some situations, users should only see their own
processes (very few situations).

> note: I am aware of the trick of using symbolic links to hide
> command names.
> 
> tx.
> bye
> 
> 


-- 
Stephen D. Williams  Local Internet Gateway Co.; SDW Systems 510 503-9227APager
LIG dev./sales       Internet: sdw@lig.net  In Bay Area Aug94-Feb95!!!
OO R&D Source Dist.  By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Internet Consulting  ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work
Newbie Notice:       
     I speak for LIGCo., CCI, myself, and no one else, regardless of
     where it is convenient to post from or thru.



