On Sunday, 30 March 2014 19:14:32 CEST, Thiago Macieira wrote:

>> /proc/sys/kernel/yama/ptrace_scope
>
> I'd never heard of Yama.

https://www.kernel.org/doc/Documentation/security/Yama.txt
Kinda new, but it's a stock kernel feature:
http://kernelnewbies.org/Linux_3.4


>> On top of this, one could also have ksmserver PTRACE_ATTACH/SEIZE itself (at
>> least on linux that used to be a singleton feature), but root access more
>> or less implies "game over" in this context (you could simply replace
>> ksmserver or the greeter app with a "fixed" variant and wait for the next
>> incident)
>
> Usually, root access and same-user access imply game-over. Which is why I think this feature should be allowed in.

There's actually also prctl(PR_SET_DUMPABLE, ...) that can protect against debugging
(more reliable than ptracing oneself and available since 2.3.20 ... i.e. "ever")
- protection against same-uid has lately been taken more seriously and the share of gdb
users should be rather low.
Also Ubuntu apparently recently set ptrace_scope to one by default
(apparently caused some help requests on ubuntuforums =)

I know that Arch has had it set for a couple of months.

Cheers,
Thomas
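The two mechanisms discussed above, Yama's ptrace_scope sysctl and prctl(PR_SET_DUMPABLE, 0), are easy to try out side by side. The following program is an added example for this thread, not code from the original messages or from ksmserver: it reads the current ptrace_scope, forks a same-uid child that either keeps the default dumpable flag or clears it, and then attempts PTRACE_ATTACH from the parent. The function names (read_ptrace_scope, set_dumpable, try_attach_child) are the example's own. It assumes Linux and is meant to be run as an unprivileged user.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Read Yama's ptrace_scope sysctl. Returns -1 if Yama is not present. */
int read_ptrace_scope(void)
{
    FILE *f = fopen("/proc/sys/kernel/yama/ptrace_scope", "r");
    int scope = -1;
    if (!f)
        return -1;
    if (fscanf(f, "%d", &scope) != 1)
        scope = -1;
    fclose(f);
    return scope;
}

/* Set the dumpable flag of the calling process (1 = default, 0 = protected)
 * and return what the kernel reports back via PR_GET_DUMPABLE. */
int set_dumpable(int on)
{
    if (prctl(PR_SET_DUMPABLE, on ? 1 : 0, 0, 0, 0) != 0)
        return -1;
    return prctl(PR_GET_DUMPABLE, 0, 0, 0, 0);
}

/*
 * Fork a child with the same uid, have it set its dumpable flag according to
 * `protect`, then try PTRACE_ATTACH from the parent. Returns 0 if the attach
 * succeeded, otherwise the errno ptrace() reported (EPERM when denied).
 * The parent is an ancestor of the child, so Yama scope 1 does not block
 * this attach; what the result isolates is the effect of the dumpable flag.
 */
int try_attach_child(int protect)
{
    int ready[2];
    char token = 0;
    int rc = 0;
    pid_t pid;

    if (pipe(ready) != 0)
        return errno;
    pid = fork();
    if (pid < 0)
        return errno;
    if (pid == 0) {                               /* child */
        close(ready[0]);
        if (set_dumpable(protect ? 0 : 1) != (protect ? 0 : 1))
            _exit(1);
        token = 'r';
        if (write(ready[1], &token, 1) != 1)      /* tell the parent we are set up */
            _exit(1);
        close(ready[1]);
        pause();                                  /* wait to be traced or killed */
        _exit(0);
    }
    close(ready[1]);
    if (read(ready[0], &token, 1) != 1 || token != 'r')
        rc = ECHILD;                              /* child failed its setup */
    close(ready[0]);
    if (rc == 0) {
        if (ptrace(PTRACE_ATTACH, pid, NULL, NULL) != 0) {
            rc = errno;
        } else {
            waitpid(pid, NULL, 0);                /* child stops on attach */
            ptrace(PTRACE_DETACH, pid, NULL, NULL);
        }
    }
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return rc;
}

int main(void)
{
    int scope = read_ptrace_scope();
    int open_rc = try_attach_child(0);
    int protected_rc = try_attach_child(1);

    printf("yama ptrace_scope: %d (-1 = no Yama)\n", scope);
    printf("attach to dumpable child:     %s\n", open_rc ? strerror(open_rc) : "ok");
    printf("attach to non-dumpable child: %s\n", protected_rc ? strerror(protected_rc) : "ok");
    if (protected_rc == 0)
        puts("attach still succeeded: caller has CAP_SYS_PTRACE (e.g. root), so the same-uid protection is moot");
    return 0;
}
```

Build with `cc -Wall -o dumpable-demo dumpable-demo.c` and run it once as a normal user: the dumpable child is attachable, the non-dumpable one answers EPERM. Run it again as root and both attach succeed, which is exactly the "root access implies game over" caveat from the thread. With ptrace_scope set to 2 or 3 even the unprotected attach is denied for an unprivileged caller, so the output also tells you which layer is doing the blocking.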
