Hi Fabio, On Fri, Nov 28, 2025 at 01:06:46PM +0100, Fabio Valentini wrote: > On Fri, Nov 28, 2025 at 1:03 PM Florian Weimer <[email protected]> wrote: > > I assume they just run GDB or strace as root when they need just-in-time > > debugging. Which has its own security trade-off (although expect the > > user/root separation to be quite thin on developer systems anyway). > > > > Lots of developers may not even aware “eu-stack -p”, “gdb -p”, “pstack”, > > “strace -p”, and how useful those are for figuring out where a program > > is stuck. > > > my point -> -> -> -> -> -> > > your head > > Maybe the sarcasm wasn't quite thick enough in my last message, I > should have added `</sarcasm>` after all.
Better avoid sarcarm completely. It isn't a good way of clearly communication. And even with "sarcasm" markers it might cause people to not get your point. It is like using a double-negative, sometimes very hard to interpret. > All I wanted to say that it's really kind of silly how we keep > discussing the same issues over and over again, because other > distributions have apparently already solved this problem. Different distributions make different policy choices. They are trade-offs. If you want to prevent people having to cross a security boundary just to trace, profile or debug their own processes then you need different tradeoffs and solutions to "solve" what you see (or don't see) as a problem. There are even arguments to be made about what is or isn't a security boundary and whether the method to cross it is a solution or a new problem. Cheers, Mark -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
