Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Won't 'ps aux' show them anyway? I imagine there are some restricted userland tools available for shared hosts to use, but having just checked on a couple of my personal machines, it'll display arguments even for processes started by root.

In the past I've wrapped things in a trivial shell-script to hide their args (and messing with $0 from a perl script can probably be used for fun & games, if desired)



Oh, absolutely.

I personally think the UNIX security model is broken for multiuser, so I basically run systems in dedicated security mode (as does ~everyone else; single-user laptop/desktops under OSX or Linux, and servers dedicated to a single user/task/application, or at least VMs dedicated to a single user/task).

UNIX local system security is still nice as a belt-and-suspenders thing, but once someone's on a box, assume they own it. The only exception is some special magic stuff like Hardware Security Modules.


I mess with $0 from Perl programs to show the status of batch processes:

http://www.modernperlbooks.com/mt/2011/12/track-app-progress...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: