Procfs: Difference between revisions
From dankwiki
Since time immemorial, tools like <tt>ps</tt> have enumerated processes via walking procfs's dentries when possible.
procfs since Linux 3.3 accepts a mount option <tt>hidepid</tt>, taking one of four values:
* 0: everyone may access all <tt>proc/PID</tt> directories
* 1: users can only access their own <tt>proc/PID</tt> directories
* 2: users can only *see* their own <tt>proc/PID</tt> directories
* 4: users can only see directories of processes they can [[ptrace]]
Linux 3.3 also introduced the <tt>gid</tt> parameter, which specifies a group ID. Members of this group are exempted from <tt>hidepid</tt> restrictions.
Note that if you start a process as one user, and change to another user using e.g. <tt>setuid(2)</tt>, you might no longer be able to access your own <tt>/proc/PID</tt>.
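The following is an added example, not part of the original wiki page: Python that reads mount lines in <tt>/proc/mounts</tt> format and reports each procfs mount's <tt>hidepid</tt> level and exempt <tt>gid</tt>, then lists the mounts where other users' PID directories are still listed (levels 0 and 1 above). It assumes newer kernels may print the level by name (<tt>off</tt>, <tt>noaccess</tt>, <tt>invisible</tt>, <tt>ptraceable</tt>) as well as by number; the sample lines, mount points and function names are constructed for illustration.

```python
# Added example: classify hidepid/gid settings from /proc/mounts-format lines.
import os

HIDEPID = {  # numeric and named spellings of each level
    "0": 0, "off": 0,
    "1": 1, "noaccess": 1,
    "2": 2, "invisible": 2,
    "4": 4, "ptraceable": 4,
}

# Constructed sample in /proc/mounts format (not captured from a real host).
SAMPLE = """\
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
proc /srv/jail/proc proc rw,relatime,gid=1001,hidepid=2 0 0
proc /run/ct/proc proc rw,relatime,hidepid=invisible 0 0
tmpfs /tmp tmpfs rw,hidepid=2 0 0
proc /mnt/odd proc rw,hidepid=3 0 0
"""

def audit_proc_mounts(text):
    """Return [(mountpoint, hidepid level or None, exempt gid or None)] per procfs mount."""
    results = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[2] != "proc":
            continue  # hidepid/gid only mean something on procfs mounts
        # "key=value" -> (key, value); bare flags such as "rw" -> (flag, "")
        opts = dict(o.partition("=")[::2] for o in fields[3].split(","))
        raw = opts.get("hidepid", "0")    # option absent means level 0
        level = HIDEPID.get(raw)          # None flags an unrecognised value
        gid = int(opts["gid"]) if opts.get("gid", "").isdigit() else None
        results.append((fields[1], level, gid))
    return results

def listing_exposed(text):
    """Mountpoints where other users' PID directories are still listed
    (level 0 or 1), plus any whose hidepid value could not be recognised."""
    return [mp for mp, level, _ in audit_proc_mounts(text)
            if level is None or level in (0, 1)]

if __name__ == "__main__":
    # Audit the live mount table when present, else the constructed sample.
    src = open("/proc/mounts").read() if os.path.exists("/proc/mounts") else SAMPLE
    for mp, level, gid in audit_proc_mounts(src):
        print(f"{mp}: hidepid={level} exempt_gid={gid}")
    print("PID listing exposed on:", listing_exposed(src))
```

A non-<tt>None</tt> exempt gid is worth reviewing alongside the level, since members of that group bypass the restriction entirely.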
===<tt>proc/PID/loginuid</tt>===