Mounting /proc with hidepid under Ubuntu

On most Linux systems, any user can see every other user's processes, the commands they are running, and so on. This can be achieved by simply issuing a

ps ax

or similar. The same applies to the process monitor command “top”.

In certain circumstances, you may want to avoid this.

One way is to edit /etc/fstab as root or as a sudo user. Depending on how your system is configured and/or which version of Ubuntu you're running, you may not see any /proc line in that file.

If you do not see a /proc line in /etc/fstab, copy it verbatim from /etc/mtab. It may look something like this:

proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0

Add that line to /etc/fstab, and change it to read:

proc /proc proc remount,rw,nosuid,nodev,noexec,hidepid=2,relatime 0 0

Save your changes and re-boot.

If the line is already there, simply add hidepid=2 to it as shown above. Do not add “remount”. Again, save your changes and re-boot.

As a regular user, you should now only see processes that you have access to when you issue “ps ax”.
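To take the guesswork out of editing the line by hand, here is an added shell example (not from the original post) that rewrites an mtab/fstab proc line with hidepid=2 and checks whether the option is live on the running system; the sample mtab line is constructed.

```shell
#!/bin/sh
# Constructed sample, in the form /etc/mtab shows for /proc (not from a real host)
SAMPLE_MTAB_LINE='proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0'

# Print a copy of a /proc mount line with hidepid=2 in the options field.
# $1 = the mtab/fstab line; $2 = "remount" to also prepend remount, which the
# post uses only when /etc/fstab had no /proc line of its own.
# Option order inside the field does not matter to mount(8).
hidepid_line() {
  line=$1
  mode=${2:-keep}
  set -- $line
  [ "$2" = "/proc" ] && [ "$3" = "proc" ] || { echo "not a /proc line: $line" >&2; return 1; }
  opts=$4
  case ",$opts," in
    *,hidepid=*) opts=$(printf '%s' "$opts" | sed 's/hidepid=[^,]*/hidepid=2/') ;;  # e.g. hidepid=1 -> 2
    *) opts="$opts,hidepid=2" ;;
  esac
  if [ "$mode" = remount ]; then
    case ",$opts," in *,remount,*) ;; *) opts="remount,$opts" ;; esac
  fi
  printf '%s %s %s %s %s %s\n' "$1" "$2" "$3" "$opts" "${5:-0}" "${6:-0}"
}

# Return 0 if /proc is currently mounted with hidepid=2, 1 otherwise.
# $1 = mounts table to read (defaults to /proc/mounts on the live system).
# Kernels 5.8 and later report the same setting as hidepid=invisible.
hidepid_active() {
  file=${1:-/proc/mounts}
  while read -r dev mnt type opts rest; do
    [ "$mnt" = "/proc" ] && [ "$type" = "proc" ] || continue
    case ",$opts," in *,hidepid=2,*|*,hidepid=invisible,*) return 0 ;; esac
  done < "$file"
  return 1
}

# Usage on a real host after the reboot: hidepid_active && echo "hidepid=2 is active"
```

Run hidepid_active with no argument on the rebooted host to confirm the fstab change actually took effect.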

NOTE: This does not provide as much hardening as you might expect. A user issuing, for example, “systemctl status” may still see “too much information” and get an idea of what’s going on in the system.
