hidepid capabilities of procfs

Wed 01 May 2013 by admin

RHEL 5.9 introduces a new feature that allows hiding some sensitive information about process activity from non-root users. The release notes for the new RHEL version don't tell us much:

Restricting Access to /proc/<PID>/
The hidepid= and gid= mount options have been added to procfs to allow
restricting of access to /proc/<PID>/ directories.

More technical information about this patch is available at http://www.openwall.com/lists/kernel-hardening/2011/11/15/3

How it looks in practice:

# mount  | grep ^proc
proc on /proc type proc (rw)

# mount -o remount,hidepid=1 /proc
$ ps ax
  PID TTY      STAT   TIME COMMAND
 2054 pts/0    S      0:00 -bash
 2084 pts/0    R+     0:00 ps ax
$ ls -ld /proc/[0-9]*
dr-xr-xr-x 6 root       root         0 May  1 13:29 /proc/1
dr-xr-xr-x 6 root       root         0 May  1 13:29 /proc/10
$ ls -l /proc/[0-9]*
ls: /proc/1: Operation not permitted
ls: /proc/10: Operation not permitted
...

# mount -o remount,hidepid=2 /proc
$ ps ax
  PID TTY      STAT   TIME COMMAND
 2189 pts/0    S      0:00 -bash
 2218 pts/0    R+     0:00 ps ax
$ ls -ld /proc/[0-9]*
dr-xr-xr-x 6 w.duranek domain users 0 May  1 13:31 /proc/2189
$ id
uid=10000(w.duranek) gid=10(wheel)

# mount -o remount,hidepid=2,gid=10  /proc
$ ps ax
  PID TTY      STAT   TIME COMMAND
    1 ?        Ss     0:03 init [3]
    2 ?        S<     0:00 [migration/0]
    3 ?        SN     0:00 [ksoftirqd/0]
...
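
To check which restriction is actually in effect on a host, the options can be read back from /proc/mounts. The script below is an added example, not part of the original post or of RHEL; the function names hidepid_status and hidepid_describe are made up for illustration, and the sample mount line is constructed. It goes slightly beyond the sessions above by also accepting the named values (off, noaccess, invisible) that newer kernels print instead of numbers.

```sh
#!/bin/sh
# Added example: report the hidepid=/gid= options in effect on /proc.
# Reads a file in /proc/mounts format (default: /proc/mounts).
# Prints "hidepid=<level> gid=<gid|none>".
# Exit status: 0 restricted, 1 unrestricted, 2 no proc mount on /proc.
hidepid_status() {
    awk '
        $2 == "/proc" && $3 == "proc" {
            # Last matching line wins: it is the mount currently on top.
            found = 1; level = "0"; gid = "none"
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) {
                if (opt[i] ~ /^hidepid=/) level = substr(opt[i], 9)
                else if (opt[i] ~ /^gid=/) gid = substr(opt[i], 5)
            }
        }
        END {
            if (!found) exit 2
            # Newer kernels print names instead of numbers.
            if (level == "off") level = "0"
            if (level == "noaccess") level = "1"
            if (level == "invisible") level = "2"
            printf "hidepid=%s gid=%s\n", level, gid
            rc = (level == "0") ? 1 : 0
            exit rc
        }
    ' "${1:-/proc/mounts}"
}

# Meaning of each level, as seen in the sessions above.
hidepid_describe() {
    case "$1" in
        0) echo "no restriction (default)" ;;
        1) echo "other users' /proc/<PID> listed, contents not accessible" ;;
        2) echo "other users' /proc/<PID> not listed at all" ;;
        *) echo "other value, see proc(5)" ;;
    esac
}

# Constructed sample line, not taken from a real host.
sample=$(mktemp)
printf '%s\n' 'proc /proc proc rw,hidepid=2,gid=10 0 0' > "$sample"
line=$(hidepid_status "$sample")
level=${line#hidepid=}; level=${level%% *}
echo "$line: $(hidepid_describe "$level")"
rm -f "$sample"
```

Called without an argument, hidepid_status reads the live /proc/mounts, so its exit status can be used directly in a compliance check.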
