By default, any user on a Linux server can use commands like
htop to view all running processes, including those owned by other users.
While this can be useful in certain situations, it can also pose security risks by exposing sensitive information to potential attackers.
This tutorial shows you how to restrict users from viewing processes owned by other users, thereby enhancing the security of your Linux server.
To make the most of this tutorial, ensure you have a server running Ubuntu.
If you don’t have one, consider getting a free VPS server to follow along.
Following along on your own server will enhance your understanding and practical experience.
To demonstrate how any user could see processes running by other users, I added a new user named Elie and ran the
Even with their normal user privileges, Elie is able to see all processes running, including those owned by root and various system users.
Keeping Users’ Processes Private
To keep users’ processes private, you need to add the following line to the end of the
proc /proc proc hidepid=2 0 0
Save and close the file.
Note: This solution doesn’t work for RHEL 9-type distributions. Attempting it may break your server.
/proc like this:
mount -o remount proc
Now, let me switch back to Elie and run the
htop command again.
As you can see, Elie is now only able to view their own running processes.
hidepid option with a value of
2 hides information about all running processes owned by other users, including the process directories in the
Conclusion and Final Thoughts
Easy, isn’t it?
I hope this tutorial was helpful for you in keeping your users’ running processes private.
If you found value in this tutorial or have any questions or feedback, please don’t hesitate to share your thoughts in the comments section below.
Your input is greatly appreciated, and you can also contact me directly if you prefer.