privacy in Unix environment
Hello everyone, here is a question well suited for the c'punks. I'm looking for some kind of utility that will allow script files to be run, to spawn off processes, but will wipe out environment and "ps" info from being read. i.e. imagine that the commands being called must shield their arguments and environment from the "ps" command run on a system. the ideal program would let me run csh scripts but make all the unix commands called (sort, grep, whatever) invisible to other users on my local system. can it be done? note: I am aware of the trick of using symbolic links to hide command names. tx. bye
Hello everyone, here is a question well suited for the c'punks. I'm looking for some kind of utility that will allow script files to be run, to spawn off processes, but will wipe out environment and "ps" info from being read. i.e. imagine that the commands being called must shield their arguments and environment from the "ps" command run on a system. the ideal program would let me run csh scripts but make all the unix commands called (sort, grep, whatever) invisible to other users on my local system.
can it be done?
Sure: 1) rewrite ps. Since it's setuid for kmem versions, noone else should be able to use a real one. 2) rewrite device driver for /proc/ps versions. You could argue that in some situations, users should only see their own processes (very few situations).
note: I am aware of the trick of using symbolic links to hide command names.
tx. bye
-- Stephen D. Williams Local Internet Gateway Co.; SDW Systems 510 503-9227APager LIG dev./sales Internet: sdw@lig.net In Bay Area Aug94-Feb95!!! OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430 Internet Consulting ICBM: 39 38 34N 84 17 12W home, 37 58 41N 122 01 48W work Newbie Notice: I speak for LIGCo., CCI, myself, and no one else, regardless of where it is convenient to post from or thru.
Hello everyone, here is a question well suited for the c'punks. I'm looking for some kind of utility that will allow script files to be run, to spawn off processes, but will wipe out environment and "ps" info from being read. i.e. imagine that the commands being called must shield their arguments and environment from the "ps" command run on a system. the ideal program would let me run csh scripts but make all the unix commands called (sort, grep, whatever) invisible to other users on my local system.
Hi, There is a program for Linux which sorta does this that was written by a friend of mine. It basicly 'hides' a process such that neither it or any of its children will show up using 'ps'. If you would like more info then contact: ifch151@ccwf.cc.utexas.edu Take care.
Hello everyone, here is a question well suited for the c'punks. I'm looking for some kind of utility that will allow script files to be run, to spawn off processes, but will wipe out environment and "ps" info from being read. i.e. imagine that the commands being called must shield their arguments and environment from the "ps" command run on a system. the ideal program would let me run csh scripts but make all the unix commands called (sort, grep, whatever) invisible to other users on my local system.
can it be done?
note: I am aware of the trick of using symbolic links to hide command names.
This can't be done with scripting (though, as some other folks have pointed out, you can sometimes overwrite argv from a C program). Perl might be a good alternative. You get to perform fairly high-level functions without spawning additional shells. - Mark - -- Mark Chen chen@netcom.com 415/329-6913 finger for PGP public key D4 99 54 2A 98 B1 48 0C CF 95 A5 B0 6E E0 1E 1D
Vladimir Z. Nuri writes:
(sort, grep, whatever) invisible to other users on my local system.
can it be done?
Not unless you write your own suite of utilities (or get linux and modify all the ones there). Even if you do, the kernel will always keep around the command name (ps -c on BSDish machines). Of course, if you've got your own suite of utilities you can scramble the names. Juest remind me never to log in to your account... | GOOD TIME FOR MOVIE - GOING ||| Mike McNally <m5@tivoli.com> | | TAKE TWA TO CAIRO. ||| Tivoli Systems, Austin, TX: | | (actual fortune cookie) ||| "Like A Little Bit of Semi-Heaven" |
This depends on the OS. On some Operating Systems, you can overwrite the arguments and that will clear the PS listing. On other systems, however, the environment variables and process listings are kept in different memory than that of the process, so you cannot have a process hide its arguments. I hope this helps -derek
participants (6)
-
chen@intuit.com -
Derek Atkins -
Jim choate -
m5@vail.tivoli.com -
sdw@lig.net -
Vladimir Z. Nuri