34 lines
1.1 KiB
XML
34 lines
1.1 KiB
XML
|
<chapter xmlns="http://docbook.org/ns/docbook"
|
||
|
xmlns:xlink="http://www.w3.org/1999/xlink"
|
||
|
xmlns:xi="http://www.w3.org/2001/XInclude"
|
||
|
version="5.0"
|
||
|
xml:id="sec-hidepid">
|
||
|
|
||
|
<title>Hiding process information</title>
|
||
|
|
||
|
<para>
|
||
|
Setting
|
||
|
<programlisting>
|
||
|
security.hideProcessInformation = true;
|
||
|
</programlisting>
|
||
|
ensures that access to process information is restricted to the
|
||
|
owning user. This implies, among other things, that command-line
|
||
|
arguments remain private. Unless your deployment relies on unprivileged
|
||
|
users being able to inspect the process information of other users, this
|
||
|
option should be safe to enable.
|
||
|
</para>
|
||
|
|
||
|
<para>
|
||
|
Members of the <literal>proc</literal> group are exempt from process
|
||
|
information hiding.
|
||
|
</para>
|
||
|
|
||
|
<para>
|
||
|
To allow a service <replaceable>foo</replaceable> to run without process information hiding, set
|
||
|
<programlisting>
|
||
|
systemd.services.<replaceable>foo</replaceable>.serviceConfig.SupplementaryGroups = [ "proc" ];
|
||
|
</programlisting>
|
||
|
</para>
|
||
|
|
||
|
</chapter>
|