While I think this is a great feature to use, I would not make it mandatory. We have seen this feature impact functionality of certain applications when enabled.
Paul M. Whitney
E-mail: paul.whitney(a)mac.com
Cell: 410.493.9448
Sent from my browser.
On Jan 19, 2017, at 11:19 AM, Trevor Vaughan <tvaughan(a)onyxpoint.com> wrote:
Hi All,
For some time now, I've been adding 'hidepid=2' to my systems to limit process list access to the users that own the processes themselves.
I would like to propose that this be added to the SSG since it provides a very straightforward mechanism for reducing system process enumeration by regular users and/or rogue daemons.
Thanks,
Trevor
--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699 x788
-- This account not approved for unencrypted proprietary information --
_______________________________________________
scap-security-guide mailing list -- scap-security-guide(a)lists.fedorahosted.org
To unsubscribe send an email to scap-security-guide-leave(a)lists.fedorahosted.org