How to Keep Users’ Processes Private

By default, any user on a Linux server can use commands like top or htop to view all running processes, including those owned by other users.

While this can be useful in certain situations, it can also pose security risks by exposing sensitive information to potential attackers.

This tutorial shows you how to restrict users from viewing processes owned by other users, thereby enhancing the security of your Linux server.

Preparation

To make the most of this tutorial, ensure you have a server running Ubuntu.

If you don’t have one, consider getting a free VPS server to follow along.

Following along on your own server will enhance your understanding and practical experience.

Demonstration

To demonstrate how any user could see processes running by other users, I added a new user named Elie and ran the htop command.

Even with their normal user privileges, Elie is able to see all processes running, including those owned by root and various system users.

Keeping Users’ Processes Private

To keep users’ processes private, you need to add the following line to the end of the /etc/fstab file:

proc    /proc   proc    hidepid=2       0 0

Save and close the file.

Note: This solution doesn’t work for RHEL 9-type distributions. Attempting it may break your server.

Then, remount /proc like this:

mount -o remount proc

Now, let me switch back to Elie and run the htop command again.

As you can see, Elie is now only able to view their own running processes.

The hidepid option with a value of 2 hides information about all running processes owned by other users, including the process directories in the /proc directory.

Conclusion and Final Thoughts

Easy, isn’t it?

I hope this tutorial was helpful for you in keeping your users’ running processes private.

If you found value in this tutorial or have any questions or feedback, please don’t hesitate to share your thoughts in the comments section below.

Your input is greatly appreciated, and you can also contact me directly if you prefer.

Newsletter

I'm excited to share my knowledge and experience! Subscribe to my newsletter for the latest updates. 👇

Leave a Reply

Your email address will not be published. Required fields are marked *