change coming with maverick's 2.6.34-5 kernels

Clint Byrum clint.byrum at
Tue Jun 1 23:31:19 BST 2010

On Sun, 2010-05-30 at 22:03 -0700, Kees Cook wrote:
> Hello,
> As discussed[1] at UDS, Maverick's kernel will include three changes that
> are common to other security-hardened Linux distributions.  The intent
> is to gain these additional protections for the by-default average
> Ubuntu system:
>  a) PTRACE of direct children only (protects credentials-of-the-past)
> What this means for you if you don't change any of the defaults:
>  a) Using "strace -p PID" and gdb's "attach" command will NOT work
>     unless you are the root user (i.e. use "sudo strace -p PID ...")
>     Running stuff with "strace" and "gdb" directly will work normally.

More information about the ubuntu-devel mailing list