On 9/8/25 2:11 PM, Christopher Klooz wrote:
With regards to `ptrace_scope`, it seems that developers engaging in
debugging on lower abstraction layers might experience `ptrace_scope` to
hinder their capability to attach tools like `gdb` or `strace` to running
processes, but by default Fedora should not be set to a "debugging mode"
(as we also do not boot our kernel by default in debugging mode, for good
reasons), and it can be expected that people who engage in such activities
will be able to identify how to temporarily or permanently disable these
settings or to identify the relevant documentation if it exists:
documentation is the answer,
I think attaching strace (and gdb) to running userland processes is an
essential debugging and performance measurement technique, and disabling
it does not make sense to me, even in my security hat. I understand that
you can strace only your own processes, so what is the problem in that?
--
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
