ptrace(2): document policies affecting access to the facility
Reviewed by: emaste Sponsored by: The FreeBSD Foundation MFC after: 1 week Differential revision: https://reviews.freebsd.org/D33986
This commit is contained in:
Konstantin Belousov
parent
fe6db72708
commit
a393644ecb
@ -2,7 +2,7 @@
|
||||
.\" $NetBSD: ptrace.2,v 1.2 1995/02/27 12:35:37 cgd Exp $
|
||||
.\"
|
||||
.\" This file is in the public domain.
|
||||
.Dd May 20, 2021
|
||||
.Dd January 22, 2022
|
||||
.Dt PTRACE 2
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -122,6 +122,55 @@ Kernel drops any
|
||||
signals queued to the traced children, which could be either generated by
|
||||
not yet consumed debug events, or sent by other means, the later should
|
||||
not be done anyway.
|
||||
.Sh DISABLING PTRACE
|
||||
The
|
||||
.Nm
|
||||
subsystem provides rich facilities to manipulate other processes state.
|
||||
Sometimes it may be desirable to disallow it either completely, or limit
|
||||
its scope.
|
||||
The following controls are provided for this:
|
||||
.Bl -tag -width security.bsd.unprivileged_proc_debug
|
||||
.It Dv security.bsd.allow_ptrace
|
||||
Setting this sysctl to zero value makes
|
||||
.Xr ptrace 2
|
||||
return
|
||||
.Er ENOSYS
|
||||
always as if the syscall is not implemented by the kernel.
|
||||
.It Dv security.bsd.unprivileged_proc_debug
|
||||
Setting this sysctl to zero disallows use of
|
||||
.Fn ptrace
|
||||
by unprivileged processes.
|
||||
.It Dv security.bsd.see_other_uids
|
||||
Setting this sysctl to zero value disallows
|
||||
.Fn ptrace
|
||||
requests from targeting processes with the real user identifier different
|
||||
from the real user identifier of the caller.
|
||||
The requests return
|
||||
.Er ESRCH
|
||||
if policy is not met.
|
||||
.It Dv security.bsd.see_other_gids
|
||||
Setting this sysctl to zero value disallows
|
||||
.Fn ptrace
|
||||
requests from process belonging to a group that is not also one of
|
||||
the group of the target process.
|
||||
The requests return
|
||||
.Er ESRCH
|
||||
if policy is not met.
|
||||
.It Dv securelevel and init
|
||||
The
|
||||
.Xr init 1
|
||||
process can only be traced with
|
||||
.Nm
|
||||
if securelevel is zero.
|
||||
.It Dv procctl(2) PROC_TRACE_CTL
|
||||
Process can deny attempts to trace itself with
|
||||
.Xr procctl 2
|
||||
.Dv PROC_TRACE_CTL
|
||||
request.
|
||||
In this case requests return
|
||||
.Xr EPERM
|
||||
error.
|
||||
.El
|
||||
.Sh TRACING EVENTS
|
||||
.Pp
|
||||
Each traced process has a tracing event mask.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user