dwalsh wrote:

> I thought I made this clear in my blogs and the feature page that I wanted
> this on deny_ptrace on by default.
> [...]
> https://fedoraproject.org/wiki/Features/SELinuxDenyPtrace

The version of this page that you last edited [1] (and presumably as
seen by FESCO) had this blurb:

    The deny_ptrace boolean will deny all processes even the
    unconfined_t domain from being able to ptrace other domains.
    Because of this it will be optional and turned off by default

which seems easy to interpret as the opposite of "deny_ptrace on by default".

[1] https://fedoraproject.org/w/index.php?title=Features/SELinuxDenyPtrace&oldid=268413

- FChE