sysctl.d/00-ptrace-restricted.conf: drop from 3 to 2 (no to admin-only)

This commit is contained in:
Aminda Suomalainen 2024-07-23 15:18:35 +03:00
parent d5c7bc8160
commit 6362661113
Signed by: Mikaela
SSH Key Fingerprint: SHA256:CXLULpqNBdUKB6E6fLA1b/4SzG0HvKD19PbIePU175Q

View File

@ -1,5 +1,8 @@
# Only let child processes to be debugged # Only let child processes to be debugged
# https://www.kernel.org/doc/html/latest/admin-guide/LSM/Yama.html # https://www.kernel.org/doc/html/latest/admin-guide/LSM/Yama.html
#kernel.yama.ptrace_scope = 1 #kernel.yama.ptrace_scope = 1
# Disable debuggers entirely # Only processes with CAP_SYS_PTRACE capability are allowed unless children
kernel.yama.ptrace_scope = 3 # call PTRACE_TRACEME.
kernel.yama.ptrace_scope = 2
# Disable debuggers entirely. Cannot be unset [without reboot].
#kernel.yama.ptrace_scope = 3