grsecurity forums

Skip to content

grsec + software development

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

grsec + software development

Postby cmouse » Tue Dec 14, 2004 7:10 pm

grsec: From 62.237.194.186: (default:D:/usr/bin/gdb) denied ptrace of /home/cmouse/projects/HBS/hbs(hbs:15102) by /usr/bin/gdb[gdb:21410] uid/euid:1000/1000 gid/egid:1000/1000, parent /home/cmouse/projects/HBS/hbs[hbs:15102] uid/euid:1000/1000 gid/egid:1000/1000

Can I somehow allow certain users to be exempt of ptrace restrictions so that they can debug their processes using gdb attach. I can make gdb debug stuff if they are started within gdb, but if I try to attach to something, I get that. Is there a way to allow it to attach to processes?
cmouse
 
Posts: 98
Joined: Tue Dec 17, 2002 10:58 am
Top

Postby spender » Wed Dec 15, 2004 1:15 am

in /etc/grsec/policy:

# new subject modes:
# r -> relax ptrace restrictions (allows process to ptrace processes
# other than its own descendants)

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm
Top

Postby cmouse » Wed Dec 15, 2004 1:52 am

Thank you for pointing this out =)
cmouse
 
Posts: 98
Joined: Tue Dec 17, 2002 10:58 am
Top
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group