Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
Re: [suse-security] /proc
  • From: Lenz Grimmer <grimmer@xxxxxxx>
  • Date: Thu, 3 Aug 2000 17:48:43 +0200 (CEST)
  • Message-id: <Pine.LNX.4.21.0008031744200.18366-100000@xxxxxxxxxxxxx>
Hi,

On Thu, 3 Aug 2000 mgribov@xxxxxxxxx wrote:

> as one of security meausures, I learned that it is a good idea to do chmod
> 550 /proc/sys and chmod 550 /proc/net.
> First question I have, is this true? It seems right, because ordinary users
> cannot view network or system information, which is not a bad thing.
> Second question is, I implemented the above, but after a reboot permisions
> were back to standard ( I believe 555). How come?

The /proc filesystem is not a normal directory on your hard disk, it is
just "mapped" into the directory structure. It is a very dynamic
structure - I am surprised you can even chmod something inside there :)

If you want to chmod this file every time you reboot, you should add the
chmod command to the init script /sbin/init.d/boot.local. However, I am
not sure about the benefit...

Bye,
LenZ
--
------------------------------------------------------------------
Lenz Grimmer SuSE GmbH
mailto:grimmer@xxxxxxx Schanzaeckerstr. 10
http://www.suse.de/~grimmer/ 90443 Nuernberg, Germany
Poker Face: The face that launched a thousand chips.


< Previous Next >
Follow Ups
References