How to Hide User Processes from Other Users in Linux Using hidepid

Introduction

On multi-user Linux systems, users can typically view running processes belonging to other users through commands such as ps, top, htop, and by browsing the /proc filesystem.

While this behavior is acceptable in some environments, it can expose sensitive information such as:

  • Running applications
  • Command-line arguments
  • Script names
  • Database connection parameters
  • Service configurations
  • User activity information

To improve privacy and security, Linux administrators can restrict process visibility by using the hidepid mount option for the /proc filesystem.

This guide explains how to hide user processes from other users on RHEL, AlmaLinux, Rocky Linux, Oracle Linux, and CentOS Stream.


Understanding the /proc Filesystem

Linux stores process information inside:

/proc

Each running process receives its own directory:

/proc/1234
/proc/5678
/proc/8910

Users can normally inspect these directories and gather information about processes running under other accounts.

For example:

ps aux

or

top

will display processes owned by all users.


Why Restrict Process Visibility?

On shared servers, restricting process visibility provides several benefits:

  • Prevents information leakage
  • Improves user privacy
  • Reduces reconnaissance opportunities
  • Protects application arguments and environment details
  • Hardens multi-user environments

This is especially useful on:

  • Shared hosting servers
  • University systems
  • Terminal servers
  • Bastion hosts
  • Development environments
  • Multi-user VPS platforms

Check the Current /proc Mount Options

View the current configuration:

mount | grep proc

Example output:

proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)

If hidepid is not present, all users can view most process information.


Enable hidepid=2

The most common configuration is:

hidepid=2

This option prevents users from viewing processes owned by other users.

Only the following remain visible:

  • Their own processes
  • Root-owned processes (for administrators)
  • Kernel processes where applicable

Temporarily Configure hidepid

Apply the setting immediately:

mount -o remount,rw,hidepid=2 /proc

Verify:

mount | grep proc

Expected output:

proc on /proc type proc (rw,hidepid=2)

Make the Configuration Persistent

Edit the filesystem table:

sudo nano /etc/fstab

Add or modify the proc entry:

proc    /proc    proc    defaults,hidepid=2    0 0

Save the file.

Remount:

mount -o remount /proc

Alternatively reboot the system.


Testing the Configuration

Create two test users:

useradd user1
useradd user2

Switch to user1:

su - user1
sleep 5000 &

Switch to user2 and run:

ps aux

Before enabling hidepid, user2 can see user1’s processes.

After enabling hidepid=2, user2 will only see their own processes.


Understanding hidepid Values

Linux supports multiple levels:

hidepid=0

Default behavior.

All users can view all processes.

hidepid=1

Users can see process IDs but cannot inspect details.

This provides basic privacy.


hidepid=2

Users cannot see processes belonging to other users.

This is the most commonly recommended setting.


Allow Administrators to View All Processes

Create a dedicated monitoring group:

groupadd procmon

Obtain the group ID:

getent group procmon

Example:

procmon:x:1005:

Configure:

mount -o remount,hidepid=2,gid=1005 /proc

Members of the group will retain full process visibility.

Add administrators:

usermod -aG procmon adminuser

Verify Visibility Restrictions

As a regular user:

ps aux

You should no longer see processes belonging to other users.

Attempting to inspect another user’s process:

cat /proc/1234/status

may return:

Permission denied

which confirms the protection is working.


Potential Compatibility Considerations

Before deploying hidepid in production, test applications that rely on process visibility.

Examples include:

  • Monitoring tools
  • Custom scripts
  • Backup software
  • Performance analyzers
  • Security scanners

Most modern enterprise applications work correctly with hidepid=2 when monitoring accounts are placed in a dedicated group.


Additional Security Recommendations

For enhanced process isolation:

  • Enable hidepid=2
  • Restrict shell access where possible
  • Use sudo instead of shared administrative accounts
  • Disable unnecessary services
  • Regularly audit user permissions
  • Monitor access logs
  • Implement SELinux policies

Conclusion

The hidepid mount option is one of the simplest and most effective ways to improve privacy and security on multi-user Linux systems. By preventing users from viewing processes owned by other accounts, administrators can reduce information leakage and strengthen overall system isolation.

For RHEL, AlmaLinux, Rocky Linux, Oracle Linux, and CentOS Stream systems, configuring hidepid=2 is considered a best practice for shared server environments.

Scroll to Top