change coming with maverick's 2.6.34-5 kernels
Clint Byrum
clint.byrum at canonical.com
Tue Jun 1 23:31:19 BST 2010
On Sun, 2010-05-30 at 22:03 -0700, Kees Cook wrote:
> Hello,
>
> As discussed[1] at UDS, Maverick's kernel will include three changes that
> are common to other security-hardened Linux distributions. The intent
> is to gain these additional protections for the by-default average
> Ubuntu system:
>
> a) PTRACE of direct children only (protects credentials-of-the-past)
<snip>
> What this means for you if you don't change any of the defaults:
>
> a) Using "strace -p PID" and gdb's "attach" command will NOT work
> unless you are the root user (i.e. use "sudo strace -p PID ...")
> Running stuff with "strace" and "gdb" directly will work normally.
>
More information about the ubuntu-devel
mailing list