On Mon, Feb 02, 2026 at 09:48:11AM -0500, Allison King via devel-announce wrote > By default, disable *some* debugging permissions for unprivileged > users using a system-wide kernel setting, so malware cannot inspect > other preexisting processes of an unprivileged user. When debugging > tools are installed, re-enable *full* normal functionality > system-wide using a sysctl file, as is the status quo up to Fedora > 44.
I like this a lot better than the previous proposal. The list of tools later in the doc seems reasonable (gdb being the most important of course). Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming and virtualization blog: http://rwmj.wordpress.com libguestfs lets you edit virtual machines. Supports shell scripting, bindings from many languages. http://libguestfs.org -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
