On 17.10.2020 18:53, Paul Goyette wrote: > Kamil wrote: > >> This, I propose to do the following: >> >> 1. Remove the modularization of ptrace. This does not affect the compat >> layers that still can and should be in my opinion modular. >> >> 2. Either abandon 'no PTRACE' or make it complete ifdefing all the >> ptrace-related code from the kernel core. > > I'm not commenting on usefulness of having a PTRACE module; I'll > leave that discussion to others. > > However, you cannot implement #2 without also implementing #1. You > cannot simply ifdef-out the calls to the ptrace code if it is still > possible to load ptrace as a module. > Yes. I propose to implement #1, move to #2 as requested and optionally #3 so the security concern is addressed for normal users, without the need to rebuild the kernel. >> 3. If we have security related concerns, add >> "security.models.extensions.ptrace". > > Of course, the sysctl would/should only exist if the kernel includes > ``options PTRACE'' > > > +--------------------+--------------------------+-----------------------+ > | Paul Goyette | PGP Key fingerprint: | E-mail addresses: | > | (Retired) | FA29 0E3B 35AF E8AE 6651 | paul%whooppee.com@localhost | > | Software Developer | 0786 F758 55DE 53BA 7731 | pgoyette%netbsd.org@localhost | > +--------------------+--------------------------+-----------------------+
Attachment:
signature.asc
Description: OpenPGP digital signature