Linux kernel: Hide Processes From Other Users

Just learned a clever trick: use the hidepid mount option to hide processes from other users. Useful when managing shared servers. And it's been available since 2011 (patch released in 2011, appeared in kernel 3.3 in 2012)!

Try it out on a live system:

$ mount -o remount,rw,hidepid=2 /proc

Add hidepid= and gid= mount options. hidepid=0 means classic mode – everybody may access all /proc/<pid>/ directories (default). hidepid=1 means users may not access any /proc/<pid>/ directories but their own. hidepid=2 means hidepid=1 plus all /proc/<pid>/ will be fully invisible to other users. gid= defines a group authorized to learn processes information otherwise prohibited by hidepid=.

When ready to make the change permanent, add this line to /etc/fstab:

proc    /proc    proc    defaults,hidepid=2     0     0
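
To confirm the option is in place, here is an added example (not from the original post): it reads the /proc entry from a mounts-format file, /proc/mounts for the running system or /etc/fstab for the boot-time setting, and reports the hidepid level. The function names are hypothetical, the sample line is constructed, and the handling of the named values that kernels 5.8 and later print is an assumption beyond what the post covers.

```shell
#!/bin/sh
# hidepid_level FILE
#   Prints the hidepid level of the proc filesystem mounted on /proc:
#   0, 1 or 2 (0 when the option is absent, the kernel default),
#   "missing" when FILE has no such entry, or the raw value if unrecognised.
hidepid_level() {
    awk '
        $1 ~ /^#/ { next }                       # skip fstab comment lines
        $2 == "/proc" && $3 == "proc" {
            found = 1
            level = "0"                          # default when hidepid= is not set
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++)
                if (opts[i] ~ /^hidepid=/)
                    level = substr(opts[i], 9)   # text after "hidepid="
        }
        END {
            if (!found) { print "missing"; exit }
            # Assumption: kernels 5.8+ show names instead of numbers.
            if (level == "off")       level = "0"
            if (level == "noaccess")  level = "1"
            if (level == "invisible") level = "2"
            print level
        }
    ' "$1"
}

# hidepid_ok FILE: succeeds only when other users' processes are fully hidden.
hidepid_ok() {
    [ "$(hidepid_level "$1")" = "2" ]
}

# Constructed sample input (not taken from a real host).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# <fs>  <mountpoint>  <type>  <opts>  <dump>  <pass>
proc    /proc    proc    defaults,hidepid=2     0     0
EOF
echo "sample fstab: hidepid level $(hidepid_level "$sample")"
rm -f "$sample"
```

Run `hidepid_ok /proc/mounts` after the remount and `hidepid_ok /etc/fstab` after editing fstab; a difference between the two means the setting will not match after the next reboot.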