Ok so it's actually implemented in FreeBSD and NetBSD. FreeBSD: security.bsd.see_other_uids=0 (in sysctl.conf) NetBSD: security.models.bsd44.curtain=1 (in sysctl.conf)
I suppose I'll get to work porting one of those. On Thu, Feb 2, 2012 at 5:27 AM, Tomas Bodzar <tomas.bod...@gmail.com> wrote: > On Thu, Feb 2, 2012 at 7:29 AM, Paul Dejean <p...@officegps.com> wrote: >> I'll start working on a patch (even though it'll take me forever) if I >> can be confident it wouldn't be vetoed because people don't like the >> concept. > > Don't reinvent wheel https://www.youtube.com/watch?v=JaVnNllZxn4 > > Eg. actual situation in NetBSD > http://www.feyrer.de/NetBSD/bx/blosxom.cgi/nb_20100605_1826.html is > quite similar to Solaris, but don't know technical details (how secure > is that in fact) > >> >> On Wed, Feb 1, 2012 at 11:00 PM, Richard Toohey >> <richardtoo...@paradise.net.nz> wrote: >>> On 2/02/2012, at 12:30 PM, Paul Dejean wrote: >>> >>>> Even though it's bad practice, a lot of commonly programs will request >>>> passwords or similar sensitive information as command line arguments. >>>> For instance, curl, svn, useradd... There will usually be a way to >>>> work around doing things this way (curl can read from a config file >>>> for instance), but doing so is a hassle (have to write a new config >>>> file for each request). >>>> >>>> I would really like some way to turn the access unprivileged users >>>> have to this information on and off. Ideally I'd like it off by >>>> default in OpenBSD (secure by default). >>>> >>>> Also I would like to add, that even if you folks shoot down this FR as >>>> being an awful idea. It's good that there's an operating system >>>> community where I feel comfortable bringing up this request, where I >>>> wouldn't hear things like: >>>> "You have untrusted users on your system? What a n00b" >>>> "All security features are off by default, why should it be our >>>> responsibility to protects admins from their stupid mistakes?" >>>> "omg why should you care. hunting for sensitive information? it's not >>>> like anyone actually does that" >>>> >>> I've got no comment on the idea itself ... >>> >>> In this "community", the reply is likely to be "great idea, where is your >>> sample implementation?" >>> >>> There are not a lot of developers - I'm not one - so generally ideas need >>> to be accompanied by code. >>> >>> It's a bit like the school P.T.A. that I help out with - there are lots of >>> ideas, but very few helpers - ideas welcome, but they need to be attached >>> to someone willing to actually do the work. >>> >>> HTH.