On 15/08/2024 00:59, pgnd wrote:
...
Changing one setting isn't a lockdown. But if you're wondering about
the> nature of the apparent difference, it's really just one is a
strategy to
mitigate a comprehensive threat model vs defaults settings that are
easily
changeable.
sure. thx for the 'analysis'. but wrong choir ;-)
@ desktop,
install ubuntu + 1pass, all good
install debian + 1pass, all good
install redhat + 1pass, problems -> fixed by changing ptrace_scope
default to = 1
install fedora + 1pass, problems -> fixed by changing ptrace_scope
default to = 1
Why though? It doesn't make any sense that a program only works
when ptrace is more restricted unless it's deliberately checking
that setting and refusing to run when it is zero.
Setting it to 1 might be fine for an average user but for anybody
using their machine for development work it will be a real problem.
Tom
--
Tom Hughes (tom@xxxxxxxxxx)
http://compton.nu/
--
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
