lets say you have a few people logged into a system like so:and then alex writes on his terminal:is there a way for beatrice to know what alexs favorite color is ?

UNIX architecture means separate resources. Unless you give away privileges via sudo or use root. Obviously doesn't apply to doing something like './some_app pass=fucshia;'...

1 members found this post helpful.

The very idea of Unix/Linux is security. Any leakage of info or resources means a violation of the very foundation of that idea. It is that base idea that protects your system against infections...
Why dont you expand on what your goal is? Unless the question was a pure educational and hypothetical one, in that case I thank you for that question
Melissa

1 members found this post helpful.

In pretty much any modern-day system, each user's "session" consists of a tree of independently-running processes. The memory owned by each process is "virtual," and private to itself. (If fifty processes wrote a number to "address $12345678," all of them would see what they wrote ... because none of them, in fact, would be addressing the same physical memory locations.) Likewise, processes and sessions own "credentials," such as their user-id and maybe other things, which they cannot tamper-with and must possess in order to do things. And, so it goes.

Monitoring another process's memory takes debugging facilities, and the permission to use them, and it is still a difficult and uncertain thing to do. (I rarely use "debuggers" to debug my programs.)

The most likely way that Eve would find out what Alice likes is by reading her private .bash_history file, but this file ordinarily has "rw-------" permissions, which means that only Alice can use it. But, if Eve could trick Alice into doing something that changes the permissions on that file, Eve might be able to snoop. (The .mysql_history file, if it exists, is generally more problematic since it might contain passwords.) Again, "and so it goes."

So, the operating system et al provides the means to maintain system security (and, to keep you from blowing-off your own foot ...), but: "security is a process." You have to know how the system works, and how it can be made to use against you. It takes constant vigilance, and a healthy dose of suspicion. You're taking a walk along the fortress walls on a beautiful night, watching for Hamlet's ghost and listening for digging sounds.

yup, just curiosity. i remember coming across a thread a while back talking about encrypting blocks of ram and was wondering what the point of that would be.

Maybe.

You might want to look into the forensic tools, volatility and LiME.

I recently had my first exposure to these tools and was actually successful in recovering some important data from a memory snapshot. So, while you cannot "see" into another user's terminal, processes or virtual memory in real time (as far as I know), you can take a snapshot of real memory and pick it over after the fact...

You could then search for strings or by user or by file (process) name, etc, for my_super_secret_favorite_color and associate it with fucshia and the user.

I have had only the single occasion to use these, and it is anything but a point-and-click process, but I was ultimately successful at the task... so anyone can do it...

@ schneidz
Aaaah, the better human trait...
Melissa