proc(5) - f33

1PROC(5)                    Linux Programmer's Manual                   PROC(5)
2
3
4

NAME

6       proc - process information pseudo-filesystem
7

DESCRIPTION

9       The  proc filesystem is a pseudo-filesystem which provides an interface
10       to kernel data structures.  It is commonly  mounted  at  /proc.   Typi‐
11       cally,  it  is  mounted automatically by the system, but it can also be
12       mounted manually using a command such as:
13
14           mount -t proc proc /proc
15
16       Most of the files in the proc filesystem are read-only, but some  files
17       are writable, allowing kernel variables to be changed.
18
19   Mount options
20       The proc filesystem supports the following mount options:
21
22       hidepid=n (since Linux 3.3)
23              This   option   controls  who  can  access  the  information  in
24              /proc/[pid] directories.  The argument, n, is one of the follow‐
25              ing values:
26
27              0   Everybody  may  access all /proc/[pid] directories.  This is
28                  the traditional behavior, and  the  default  if  this  mount
29                  option is not specified.
30
31              1   Users  may  not  access  files and subdirectories inside any
32                  /proc/[pid]  directories  but  their  own  (the  /proc/[pid]
33                  directories  themselves  remain  visible).   Sensitive files
34                  such as /proc/[pid]/cmdline and /proc/[pid]/status  are  now
35                  protected  against other users.  This makes it impossible to
36                  learn whether any user is running  a  specific  program  (so
37                  long  as  the program doesn't otherwise reveal itself by its
38                  behavior).
39
40              2   As for mode 1, but in addition the  /proc/[pid]  directories
41                  belonging  to other users become invisible.  This means that
42                  /proc/[pid] entries can no longer be used  to  discover  the
43                  PIDs  on  the  system.   This  doesn't  hide the fact that a
44                  process with a specific PID value exists (it can be  learned
45                  by  other  means,  for  example,  by "kill -0 $PID"), but it
46                  hides a process's UID and  GID,  which  could  otherwise  be
47                  learned  by  employing  stat(2)  on a /proc/[pid] directory.
48                  This greatly complicates an  attacker's  task  of  gathering
49                  information   about  running  processes  (e.g.,  discovering
50                  whether some daemon is  running  with  elevated  privileges,
51                  whether  another  user  is  running  some sensitive program,
52                  whether other users are running any program at all,  and  so
53                  on).
54
55       gid=gid (since Linux 3.3)
56              Specifies  the  ID  of  a  group whose members are authorized to
57              learn process information otherwise prohibited by hidepid (i.e.,
58              users  in  this  group  behave  as though /proc was mounted with
59              hidepid=0).  This group should be  used  instead  of  approaches
60              such as putting nonroot users into the sudoers(5) file.
61
62   Overview
63       Underneath  /proc,  there are the following gen