Contributed by Dengue on from the cool-new-features dept.
From the commit message to
source-changes@
:
Log message:
Turn the ptrace(2) syscall into a kernel compile option, option PTRACE in
your kernel configuration file.
By default, GENERIC will enable this.
When PTRACE is not enabled, several ptrace-like features of the procfs
filesystem will be disabled as well (namely, the ability to read and write
any process' registers, as well as attching, single stepping and detaching
to/from processes).
This should help paranoid people build better sandboxens, and us to build
smaller ramdisks.
On behalf of all the paranoid people with aluminium foil over their windows, thank you Miod.
I think I need topic artwork for "Current". Any volunteers?
(Comments are closed)
By Richard () on
By Bill Schaub () on
By baldusi () on
I mean. Daemon is OK for the ther BSDs, but OBSD uses the Blowfish. I've falled in love with it since the 2.9 art was so hilarous.
By Anonymous Coward () on
) current?
By fansipans () fansipansatdubdotgmudotedu on mailto:fansipansatdubdotgmudotedu
By Anonymous Coward () on
but i guess it's ultimately up to the one who makes the artwork...