Limiting who/w output

H

hashime

Hello

I am trying to restrict normal users seeing who is logged in with w and who. Is there a way on FreeBSD to (easily) accomplish that?
 
chmod 640 /var/run/utx.active

Only root and users in the wheel group will be able to see any output with who(1) then.
But I don't know what the implications of this are. This could be a really bad idea...

You probably also want to set the sysctl security.bsd.see_other_uids=0, so that other users don't show in top or ps.
 
security.bsd.see_other_uids=0 I got already from the FreeBSD manual.

chmod 640 /var/run/utx.active works as a workaround, users don't see themselves then either, but that's not too important.

Thank you. I'll try it and see if it causes some fallout.
 
You didn't mention the use case for your system, however, you could just use jail(8)s to completely isolate the accounts if feasible. It may of course be overkill for your use case but just a thought anyway.
 
The use case is that I want users not to see the IP of other currently logged in users and give them as much privacy as possible. It's not really important, I am just curious how that would be done on a FreeBSD system, since I just recently switched from Linux and have no clue whatsoever what I am actually doing ;)
 
You must log in or register to reply here.
Back
Top