On 9 June 2017 at 22:30, Yuriy M. Kaminskiy <yum...@gmail.com> wrote: > > Don't know about windows, but on linux no additional "debug privileges" > needed. You can attach debugger (ptrace syscall) to any process running > with under same user. Additional privileges needed only for debugging > processes running under different users (or suid executables). >
This is generally true, but might not be in the future. The linux kernel does have an option to limit the processes on which ptrace is effective, even within processes owned by a specific user. Archlinux at least enables it by default, I guess time will tell if it sees widespread adoption. I think it works by allowing ptrace only if invoked by root, or if the target process is a child of the calling process. I can't find much documentation on it but here's the arch description: https://wiki.archlinux.org/index.php/security#ptrace_scope -Rowan _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
