
From: "H. Hartzer" <h@hartzer.sh>
Subject: sysctl to hide processes of a different UID
To: <tech@openbsd.org>
Date: Sat, 12 Apr 2025 01:47:58 +0000

Hi tech@,

The ability to prevent process snooping across users is included
in Linux (/proc hidepid mount option), FreeBSD
(sysctl security.bsd.see_other_uids), and NetBSD
(sysctl security.curtain).


If an account were compromised, an adversary might watch process
output for a variety of reasons. I feel like this might be useful
to some on OpenBSD. The code to support it appears pretty light.

I've found three patches for this, but it seems like crickets on
all of them. Maybe one, or a similar one, could be considered for
adoption?

https://web.archive.org/web/20220314132353/https://imaginatif.org/u/fbriere/kern_hide.diff.txt

https://marc.info/?l=openbsd-tech&m=158006027808962&w=2

https://marc.info/?l=openbsd-tech&m=168831770811638&w=2

Thanks!

-Henrich
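
As an added example, not part of the original mail or of any of the linked patches: a POSIX shell check that reports whether the settings named in the mail are active on a host. The function names are hypothetical, and the Linux branch assumes procfs is mounted at /proc and that the mount table is in /proc/mounts format.

```shell
# Added example (not from the original mail). Function names are hypothetical.
# Normalise a Linux hidepid value (numeric, or named as on newer kernels).
hidepid_name() {
    case "$1" in
        0|off|"")     echo off ;;
        1|noaccess)   echo noaccess ;;
        2|invisible)  echo invisible ;;
        4|ptraceable) echo ptraceable ;;
        absent)       echo not-mounted ;;
        *)            echo unknown ;;
    esac
}

# Read a mount table in /proc/mounts format on stdin; print the hidepid mode
# of the procfs mounted at $1 (default /proc). A missing option means "off".
proc_hidepid() {
    mnt=${1:-/proc}
    opt=$(awk -v m="$mnt" '
        $3 == "proc" && $2 == m { o = $4; f = 1 }   # last matching mount wins
        END {
            if (!f) { print "absent"; exit }
            n = split(o, a, ",")
            for (i = 1; i <= n; i++)
                if (a[i] ~ /^hidepid=/) v = substr(a[i], 9)
            print v
        }')
    hidepid_name "$opt"
}

# Report the running host's setting: hidden, restricted, visible or unknown.
other_uid_processes() {
    case "$(uname -s)" in
        Linux)
            case "$(proc_hidepid /proc < /proc/mounts)" in
                off)                  echo visible ;;
                noaccess)             echo restricted ;;
                invisible|ptraceable) echo hidden ;;
                *)                    echo unknown ;;
            esac ;;
        FreeBSD) case "$(sysctl -n security.bsd.see_other_uids 2>/dev/null)" in
                     0) echo hidden ;; 1) echo visible ;; *) echo unknown ;; esac ;;
        NetBSD)  case "$(sysctl -n security.curtain 2>/dev/null)" in
                     0) echo visible ;; "") echo unknown ;; *) echo hidden ;; esac ;;
        *)       echo unsupported ;;
    esac
}
```

Calling `other_uid_processes` prints the verdict for the running host; `proc_hidepid` can also be fed a saved mount table from another machine.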