Posted Apr 12, 2012 12:59 UTC (Thu) by corbet
In reply to: SELinuxDenyPtrace and security by default
Parent article: SELinuxDenyPtrace and security by default
Being able to trace only children by default is likely to be part of the solution at the end. But, as many people pointed out in the discussion, there are a lot of uses of commands like strace -p, so this policy will still cause problems.
to post comments)