Re: [user question] security.mac.seeotheruids.enabled equivalent in Linux

From: Casey Schaufler
Date: Tue Oct 03 2006 - 11:54:28 EST

Next message: Lee Revell: "Re: wpa supplicant/ipw3945, ESSID last char missing"
Previous message: Jeremy Fitzhardinge: "Re: [PATCH 1/6] Generic implemenatation of BUG."
In reply to: Andrew Martin: "[user question] security.mac.seeotheruids.enabled equivalent in Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--- Andrew Martin <andy.martin.p@xxxxxxxxx> wrote:

> Thanks for reading my question :)
>
> I am looking for a Linux equivalent of the
> security.mac.seeotheruids.enabled sysctl found on
> BSD. Preferably one
> that works with the latest vanilla mainline kernel.
>
> Basically if it's switched off then users cannot see
> other users'
> processes, network connections, UNIX sockets,
> mounts, etc... but can
> still see if they are logged in or not.

SELinux might be your (current) best bet.

Casey Schaufler
casey@xxxxxxxxxxxxxxxx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Lee Revell: "Re: wpa supplicant/ipw3945, ESSID last char missing"
Previous message: Jeremy Fitzhardinge: "Re: [PATCH 1/6] Generic implemenatation of BUG."
In reply to: Andrew Martin: "[user question] security.mac.seeotheruids.enabled equivalent in Linux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]