restricted /proc
There is a kernel patch that does this by changing permissions of nodes in /proc to 500 or 550, but since this is Xen that isn't possible. Is there a way to accomplish this with a kernel module, or maybe even jailed processes/shells using AppArmor?
2 Replies
@fendrish78:
I am pretty sure you can do what you want by chrooting ssh. Below is a howto based on Debian, but you should be able to adapt it to just about anything.
http://www.howtoforge.com/chrootedsshhowto_debian
Seems a little overkill. It's a possibility, but one of the last I'd want. Chroots are a pain to get going and maintain during server restarts and the like.