cef2814a4f
This module adds an option `security.hideProcessInformation` that, when enabled, restricts access to process information such as command-line arguments to the process owner. The module adds a static group "proc" whose members are exempt from process information hiding. Ideally, this feature would be implemented by simply adding the appropriate mount options to `fileSystems."/proc".fsOptions`, but this was found to not work in vmtests. To ensure that process information hiding is enforced, we use a systemd service unit that remounts `/proc` after `systemd-remount-fs.service` has completed. To verify the correctness of the feature, simple tests were added to nixos/tests/misc: the test ensures that unprivileged users cannot see process information owned by another user, while members of "proc" CAN. Thanks to @abbradar for feedback and suggestions. |
||
|---|---|---|
| .. | ||
| assertions.nix | ||
| crashdump.nix | ||
| extra-arguments.nix | ||
| ids.nix | ||
| lib.nix | ||
| locate.nix | ||
| meta.nix | ||
| nixpkgs.nix | ||
| passthru.nix | ||
| version.nix | ||