Component

systemd

Is your feature request related to a problem? Please describe

hidepid is a security feature. However, even if using hidepid and unprivileged run of systemctl status unit-name and systemd's D-Bus interface / API.

quote https://access.redhat.com/solutions/6704531

Last problem, that we would like to highlight is potential information leak and false sense of security that hidepid= provides. Information (PID numbers, command line arguments, UID and GID) about system services are tracked by systemd. By default this information is available to everyone to read via systemd's D-Bus interface. When hidepid= option is used systemd doesn't take it into consideration and still exposes all this information at the API level.

Describe the solution you'd like

• Not exposing this information by default. Or a new option to disable exposing this information.
• Available to privileged users only (root, capability or group setting).

Describe alternatives you've considered

None.

The systemd version you checked that didn't have the feature you are asking for

No response