Re: proc hidepid=2 and SGID programs

From: Christian Kujau
Date: Tue Sep 10 2013 - 04:30:39 EST


On Sun, 8 Sep 2013 at 23:42, Eric W. Biederman wrote:
> I don't have a clue why anyone would want to hide processes, and make
> their own lives more difficult.

Oh, there are plenty of usescases, I'm sure. And I for one am thankful
that this process hiding option made it into the kernel. Or, to answer in
another way: why would anyone want to see other peoples processes?

> The check with hidepid is can you ptrace the process. I expect there
> is something with those sgid processes that keeps you from ptracing
> them.

Indeed, I cannot strace the process. But still, I wonder if this is
intended behaviour.

> Of course if you don't like the silly behavior you can always disable
> it.

:-)

C.
--
BOFH excuse #412:

Radial Telemetry Infiltration
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/