December 12, 2018

How to Prevent Users From Seeing Processes That Run Under Another UID on FreeBSD


An important step in hardening your FreeBSD system is to prevent users from seeing processes that run under another UID. To do this, we need to set some kernel states so that other users cannot fetch this information with commands like ps, top, sockstat and many more. This change also applies to jailed systems.

Root access is required to edit the following files and to execute commands. Log in as root (su) or simply prepend sudo to all commands that require root privileges.

Set the kernel states

The following commands will immediately set the kernel states.

sysctl security.bsd.see_other_uids=0
sysctl security.bsd.see_other_gids=0

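Make the changes permanent by adding them to the /etc/sysctl.conf file. The redirection is performed by the calling shell, so run these lines from a root shell; prepending sudo to echo alone does not make the append run as root.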

echo 'security.bsd.see_other_uids=0' >> /etc/sysctl.conf
echo 'security.bsd.see_other_gids=0' >> /etc/sysctl.conf
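
The `echo ... >>` lines above append a new entry on every run and leave any earlier conflicting assignment in the file. The following sketch, an added example that is not part of the original post, rewrites the file so each key is assigned exactly once and then checks both the running kernel and the file. The names `set_sysctl_conf`, `conf_value`, `check_hardening` and the optional file argument are assumptions made for illustration.

```sh
#!/bin/sh
# Added example; function names and the optional FILE argument are assumptions.
KEYS="security.bsd.see_other_uids security.bsd.see_other_gids"

# AWK test shared by both helpers: true when the line is an active
# (uncommented) assignment of key k. Plain string match, so dots stay literal.
IS_ASSIGN='function hit(s) { sub(/^[ \t]+/, "", s)
    return index(s, k) == 1 && substr(s, length(k) + 1) ~ /^[ \t]*=/ }
'

# set_sysctl_conf KEY VALUE [FILE]
# Drop every active assignment of KEY, then append one KEY=VALUE line.
set_sysctl_conf() {
    file=${3:-/etc/sysctl.conf}
    [ -f "$file" ] || : > "$file"
    tmp=$(mktemp "${file}.XXXXXX") || return 1
    awk -v k="$1" "$IS_ASSIGN"'!hit($0) { print }' "$file" > "$tmp" \
        || { rm -f "$tmp"; return 1; }
    printf '%s=%s\n' "$1" "$2" >> "$tmp"
    # cat instead of mv keeps the owner and mode of the original file.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# conf_value KEY [FILE]: print the value of the last active assignment of KEY
# (the one that wins when the file is applied), or an empty line if none.
conf_value() {
    awk -v k="$1" "$IS_ASSIGN"'hit($0) { v = $0; sub(/^[^=]*=[ \t]*/, "", v) }
        END { print v }' "${2:-/etc/sysctl.conf}"
}

# check_hardening [FILE]: succeed only if both knobs are 0 in the running
# kernel and in FILE; print each mismatch.
check_hardening() {
    rc=0
    for key in $KEYS; do
        live=$(sysctl -n "$key" 2>/dev/null)
        saved=$(conf_value "$key" "${1:-/etc/sysctl.conf}")
        if [ "$live" != 0 ] || [ "$saved" != 0 ]; then
            echo "$key: running=${live:-unset} sysctl.conf=${saved:-unset}"
            rc=1
        fi
    done
    return "$rc"
}

# Usage on the host, as root:
#   for k in $KEYS; do sysctl "$k=0" && set_sysctl_conf "$k" 0; done
#   check_hardening
```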
