> > In a german developer blog article was the topic raised, that with > > uprobes enabled, userland apps can i.e. circumvent tls security(and > > other protections), > > by telling the kernel to probe the function calls with the uprobes api. > > As this enables i.e. the hosting system of a vm or container, to track > > activity inside the container, trust is lost i.e. from customer to > > hoster. To be fair, you need to be root on the host to do this, but as > > it "wasn't possible before", and it is "now" ( out in a greater public > > ), it tends to create trust issues, just for being there*. > > > > As this only works with uprobes enabled and has no use case besides a > > developer debugging apps, the question is: > > > > Do we need this for all others out there enabled by default? > > Both systemtap and bpftrace can use uprobes. Those capabilities have > been important from time to time in my job. That does not mean that > my ability to do my job should outweigh security concerns, of course, > but I think some effort should be made to find out if use of uprobes > via systemtap and bpftrace is common amongst Fedora users. And unfortunately it's not buildable as a module, I suspect there's some form of capabilities around it, I'm not sure if that can be tightened. -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
