Patch to allow for privacy-protected /proc
dfnsonfsduifb at gmx.de
Wed Dec 2 04:42:47 PST 2009
I've proposed a patch to the Gentoo developers, as HAL is in
maintenance mode ("no new features are added"). However, I was
redirected to you ("You actually want to submit such patch upstream"),
which is why I will repost my original message here. The original
posting can be found at https://bugs.gentoo.org/show_bug.cgi?id=294939 .
I've not attached the (trivial) patch here, but it is available at
Original message follows:
Having /proc with 755 is a privacy problem: Another user can, for
example, see by using "ps" what movies others are watching, etc. A
solution for this is making /proc 750 and chown it to root:procers. Only
users who are added to procers may monitor proc support.
In order to get hald running that way, the "haldaemon" user obviously
has to be added to the procers group. When everything is set up this
way, hald still will refuse to work and crash immediately on startup.
This is because the hald developers are not calling initgroups(2).
Obviously, auxiliary groups are not needed to be initialized when /proc
has 755 permissions.
However, in a setup like the above described, it is necessary for hald
to perform the initgroups(2) call. Luckily, the change to the code is
minimal as such a thing was already thought of (the appropriate function
receives a parameter, which is in the current code always set to "0").
The patch I propose (because HAL is out of maintenance and they won't
accept patches) will enable the user to supply a command line parameter
which will optionally enable auxiliary group support
("--keep-auxgroups"). If it is not specified, everything will run normally.
Steps to Reproduce:
1. chmod 750 /proc
2. chown root:procers /proc
3. Add "haldaemon" to "procers" group
4. Start hald
09:59:12.577 [I] hald.c:671: hal 0.5.12rc1
09:59:12.577 [I] hald.c:736: Will not daemonize
09:59:12.577 [I] hald_dbus.c:5417: local server is listening at
09:59:12.578 [I] ck-tracker.c:391: got seat
09:59:12.579 [I] ck-tracker.c:321: got session
'/org/freedesktop/ConsoleKit/Session2' for seat
09:59:12.579 [I] ck-tracker.c:274: Got active state (ACTIVE) and uid 1000 on
09:59:12.579 [I] ck-tracker.c:342: Got all sessions on seat
09:59:12.579 [I] ck-tracker.c:418: Got seats
09:59:12.579 [I] ck-tracker.c:816: Got seats and sessions
Runner started - allowed paths are
09:59:12.581 [I] hald_runner.c:301: Runner has pid 4358
09:59:12.581 [I] hald_runner.c:182: runner connection is 0x664320
09:59:12.581 [W] osspec.c:383: Unable to open /proc/mdstat: No such file or
09:59:12.582 [I] mmap_cache.c:274: cache mtime is 1257707879
*** [DIE] osspec.c:osspec_init():439 : Unable to read /proc/mounts
Hald starts nicely.
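
The supplementary-group behaviour described in the message above, as an added example that is not part of the original post or of HAL's code. The function names and the numeric uid/gid values are constructed for illustration, and clearing the group list with setgroups(0, NULL) when the switch is off is this example's choice, not something the post states about hald.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes initgroups(3) and setgroups(2) in glibc */
#endif
#include <grp.h>
#include <pwd.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Model of the kernel's permission-class selection for reading and searching
 * a directory as a non-root process: owner, else group, else other. */
int dir_accessible(mode_t mode, uid_t owner, gid_t group,
                   uid_t uid, gid_t gid, const gid_t *aux, int naux)
{
    const mode_t need = S_IROTH | S_IXOTH;      /* r-x in the "other" position */
    if (uid == owner)
        return ((mode >> 6) & need) == need;
    int member = (gid == group);
    for (int i = 0; i < naux && !member; i++)
        member = (aux[i] == group);
    return ((member ? mode >> 3 : mode) & need) == need;
}

/* The page's setup with constructed IDs: /proc is 0750 root:procers (gid 1001);
 * haldaemon is uid 111, primary gid 111, listed in procers in /etc/group. */
int hald_can_read_proc(int keep_auxgroups)
{
    const gid_t from_etc_group[] = { 1001 };
    /* Without initgroups(3) the process carries no supplementary groups. */
    return dir_accessible(0750, 0, 1001, 111, 111,
                          from_etc_group, keep_auxgroups ? 1 : 0);
}

/* Drop from root to `user`. keep_auxgroups plays the role of the proposed
 * --keep-auxgroups switch. Returns 0 on success, -1 on any failure. */
int drop_privileges(const char *user, int keep_auxgroups)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return -1;
    /* Groups must be set while still root, before setgid/setuid. */
    if (keep_auxgroups ? initgroups(pw->pw_name, pw->pw_gid)
                       : setgroups(0, NULL))
        return -1;
    if (setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0)
        return -1;
    /* A correct drop is irreversible: regaining uid 0 must fail. */
    return (pw->pw_uid != 0 && setuid(0) == 0) ? -1 : 0;
}
```

Membership listed in /etc/group only reaches the process if initgroups(3) runs before the uid change, which is why adding haldaemon to procers alone does not help.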