Kees Cook <keescook@xxxxxxxxxxxx> writes:

> On Thu, Oct 28, 2021 at 05:06:53PM -0500, Eric W. Biederman wrote:
>> Kees Cook <keescook@xxxxxxxxxxxx> writes:
>>
>> > On Thu, Oct 28, 2021 at 12:26:26PM -0500, Eric W. Biederman wrote:
>>
>> Is it a problem that the debugger can see the signal if the process does
>> not?
>
> Right, I'm trying to understand that too. However, my neighbor just lost
> power. :|
>
> What I was in the middle of checking was what ptrace "sees" going
> through a fatal SIGSYS; my initial debugging attempts were weird.

Kees have you regained power and had a chance to see my SA_IMMUTABLE
patch?

Does what I implemented seem like it will work for you?

I think it is a solid and simple solution to a pair of problems with my
change to use the ordinary coredump path for seccomp.

But I would very much love to hear it seems reasonable to you, as you
were looking at the problem as well.

Eric