UNIX architecture means separate resources. Unless you give away privileges via sudo or use root. Obviously doesn't apply to doing something like './some_app pass=fucshia;'...
The very idea of Unix/Linux is security. Any leakage of info or resources means a violation of the very foundation of that idea. It is that base idea that protects your system against infections...
Why don't you expand on what your goal is? Unless the question was a pure educational and hypothetical one, in that case I thank you for that question.
Melissa
In pretty much any modern-day system, each user's "session" consists of a tree of independently-running processes. The memory owned by each process is "virtual," and private to itself. (If fifty processes wrote a number to "address $12345678," all of them would see what they wrote ... because none of them, in fact, would be addressing the same physical memory locations.) Likewise, processes and sessions own "credentials," such as their user-id and maybe other things, which they cannot tamper with and must possess in order to do things. And, so it goes.
Monitoring another process's memory takes debugging facilities, and the permission to use them, and it is still a difficult and uncertain thing to do. (I rarely use "debuggers" to debug my programs.)
The most likely way that Eve would find out what Alice likes is by reading her private .bash_history file, but this file ordinarily has "rw-------" permissions, which means that only Alice can use it. But, if Eve could trick Alice into doing something that changes the permissions on that file, Eve might be able to snoop. (The .mysql_history file, if it exists, is generally more problematic since it might contain passwords.) Again, "and so it goes."
So, the operating system et al. provides the means to maintain system security (and, to keep you from blowing off your own foot ...), but: "security is a process." You have to know how the system works, and how it can be used against you. It takes constant vigilance, and a healthy dose of suspicion. You're taking a walk along the fortress walls on a beautiful night, watching for Hamlet's ghost and listening for digging sounds.
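The permission check described in the post above, as an added example that is not part of the original thread: a Python audit that flags history files whose mode grants group or other access and resets them to rw-------. The function names and the temporary sample directory are assumptions made for this example.

```python
import os
import stat
import tempfile

# File names taken from the post; extend the tuple for other shells or clients.
HISTORY_FILES = (".bash_history", ".mysql_history")


def audit_history_files(home, names=HISTORY_FILES, expected_uid=None):
    """Return (path, problem) pairs for history files others could read or alter."""
    findings = []
    for name in names:
        path = os.path.join(home, name)
        try:
            st = os.lstat(path)  # lstat: do not follow a symlink put in the file's place
        except FileNotFoundError:
            continue
        if not stat.S_ISREG(st.st_mode):
            findings.append((path, "not a regular file (symlink, device, ...)"))
            continue
        # Any group or other bit means someone besides the owner has access.
        if stat.S_IMODE(st.st_mode) & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append((path, "mode is " + stat.filemode(st.st_mode)))
        if expected_uid is not None and st.st_uid != expected_uid:
            findings.append((path, "owned by uid %d" % st.st_uid))
    return findings


def fix_permissions(path):
    """Reset a history file to rw------- (0600)."""
    os.chmod(path, stat.S_IRUSR | stat.S_IWUSR)


def demo():
    """Constructed sample: a temporary 'home' with one loose and one tight file."""
    with tempfile.TemporaryDirectory() as home:
        bash = os.path.join(home, ".bash_history")
        mysql = os.path.join(home, ".mysql_history")
        for path, mode in ((bash, 0o644), (mysql, 0o600)):
            with open(path, "w") as fh:
                fh.write("constructed sample line\n")
            os.chmod(path, mode)
        before = audit_history_files(home, expected_uid=os.getuid())
        fix_permissions(bash)
        after = audit_history_files(home, expected_uid=os.getuid())
        return [(os.path.basename(p), why) for p, why in before], after


if __name__ == "__main__":
    print(demo())
```

Run against a real account with `audit_history_files(os.path.expanduser("~"), expected_uid=os.getuid())`; an empty list means both files are owner-only.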
Yup, just curiosity. I remember coming across a thread a while back talking about encrypting blocks of RAM and was wondering what the point of that would be.
...is there a way for Beatrice to know what Alex's favorite color is?
Maybe.
You might want to look into the forensic tools, Volatility and LiME.
I recently had my first exposure to these tools and was actually successful in recovering some important data from a memory snapshot. So, while you cannot "see" into another user's terminal, processes or virtual memory in real time (as far as I know), you can take a snapshot of real memory and pick it over after the fact...
You could then search for strings or by user or by file (process) name, etc, for my_super_secret_favorite_color and associate it with fucshia and the user.
I have had only the single occasion to use these, and it is anything but a point-and-click process, but I was ultimately successful at the task... so anyone can do it...