grsecurity forums

Skip to content

Using "w" fails to display online users

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

Using "w" fails to display online users

Postby noct » Fri Feb 14, 2003 4:16 am

Ever since I started using grsecurity on the 2.4.20 kernel I can no longer see who is logged in(normal level user) when using the "w" command. The "who" command still displays who is logged in, has anyone else experienced this? No issues with grsecurity on 2.4.18. I find it weird that who still shows whos on and w doesnt, and as root w works. Any help appreciated.
noct
 
Posts: 6
Joined: Tue Dec 31, 2002 4:54 pm
Top

Postby spender » Fri Feb 14, 2003 8:22 am

This has been explained several times before. "w" uses /proc to generate its output, and the /proc restrictions keep it from getting that info. "who" uses /var/log/wtmp and /var/run/utmp. If you want to restrict who as well, make /var/log/wtmp and /var/run/utmp sgid utmp and remove their world-readable permission, and make who sgid utmp.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Top

Postby noct » Sat Feb 15, 2003 6:54 pm

Thats fine, how about not restricting that particular file that it reads from /proc so "w" works?
noct
 
Posts: 6
Joined: Tue Dec 31, 2002 4:54 pm
Top

Postby spender » Sat Feb 15, 2003 8:38 pm

It's not a single file. w relies on the very thing that /proc restrictions stop, being able to view info on all processes running on the system.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group