SELinuxDenyPtrace: Write, compile, run, but don't debug applications?
Rex Dieter
rdieter at math.unl.edu
Mon Apr 9 12:11:06 UTC 2012
Matej Cepl wrote:
> On 9.4.2012 00:31, Kevin Kofler wrote:
>> +1, this broken misfeature really needs to be turned off by default. It
>> also breaks crash reporters such as DrKonqi (for DrKonqi, we work around
>> this by
>
> OK, this is bad ... is it just because somebody ignored DrKonqi (which
> would be very bad indeed),
Dan was made aware of the implications of breaking drkonqi,
http://danwalsh.livejournal.com/49564.html
(see comment "DrKonqi, ABRT etc")
and suggested we toggle the selinux boolean to disable it.
> or are abrt and breakpad also affected?
abrt works differently (it works on .core files), and should be unaffected
as I understand it.
-- rex
More information about the devel
mailing list