oss-sec mailing list archives
Re: Disabling ptrace
From: Jakub Wilk <jwilk () jwilk net>
Date: Wed, 2 Jan 2019 11:09:47 +0100
* Niels Möller <nisse () lysator liu se>, 2019-01-01, 12:27:
Matthew Fernandez <matthew.fernandez () gmail com> writes:E.g. you can attach to the victim process with gdb/ptrace and simply read its memory, if the sysadmin has not blocked this with Yama or similar.I think one can disable this in the process itself, using prctl with PR_SET_DUMPABLE. But documentation is a bit unclear and doesn't exlicitly mention effect on ptrace
The prctl(2) man page reads: “Processes that are not dumpable can not be attached via ptrace(2) PTRACE_ATTACH; see ptrace(2) for further details.”
(and other debugging interfaces).
What other interfaces do you have in mind? -- Jakub Wilk
Current thread:
- Re: Asserts considered harmful (or GMP spills its sensitive information) Matthew Fernandez (Jan 01)
- Disabling ptrace (was Re: [oss-security] Asserts considered harmful (or GMP spills its sensitive information)) Niels Möller (Jan 01)
- Re: Disabling ptrace Jakub Wilk (Jan 02)
- Re: Disabling ptrace Niels Möller (Jan 02)
- Re: Disabling ptrace Jakub Wilk (Jan 02)
- <Possible follow-ups>
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Simon McVittie (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) halfdog (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 02)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) halfdog (Jan 02)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Simon McVittie (Jan 01)
- Disabling ptrace (was Re: [oss-security] Asserts considered harmful (or GMP spills its sensitive information)) Niels Möller (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Vincent Lefevre (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Torbjörn Granlund (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)