Date: Sat, 3 Jan 2015 17:51:00 +0000 From: Robert Watson <rwatson@FreeBSD.org> To: Konstantin Belousov <kostikbel@gmail.com> Cc: arch@freebsd.org Subject: Re: Disabling ptrace Message-ID: <4DC2F5F5-1C46-453C-80C9-0BCC8884A1A1@FreeBSD.org> In-Reply-To: <20150103142535.GW42409@kib.kiev.ua> References: <20141230111941.GE42409@kib.kiev.ua> <alpine.BSF.2.11.1501020906300.69379@fledge.watson.org> <20150102171314.GS42409@kib.kiev.ua> <179DAA4D-3526-446C-A0A2-9F7DA137293F@FreeBSD.org> <20150103142535.GW42409@kib.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On 3 Jan 2015, at 14:25, Konstantin Belousov <kostikbel@gmail.com> = wrote: >=20 >> In general, we had always planned to allow auditing of far more = asynchronous events than we currently do ??? e.g., firewall events = triggered asynchronously by system-call behaviour. We also had loose = plans to allow auditing of NFS-originated RPCs, although those are = arguably fairly synchronous and not so dissimilar to system calls in = various ways. >=20 > Isn't allowing a process to exempt itself from aduting a real security = bug ? Oh, definitely. This was an example, however, of more asynchronous = tracing types and events, where having access to the =E2=80=98tracing = disabled=E2=80=99 state of the originating process might prove = important. For example, if we extended ktrace to support tracing some of = the same sorts of asynchronous events, where full process context = isn=E2=80=99t available, but the events can be cleanly tied back to the = initiating process via a saved credential. >> I???m OK with putting the flag on the process, but frequently the = process credential is where we stick security-related subject/object = flags... >=20 > Should I interpret the statement as agreement, in principle, with the = patch ? As long as it is clearly and carefully documented in the man page that = this is a non-security feature, I=E2=80=99m alright with it being = brought in. We might want to think about how tools such as DTrace, etc, = should report tracing failures when the flag is set. Robert=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4DC2F5F5-1C46-453C-80C9-0BCC8884A1A1>