Subject: Re: The reason for securelevel (was: sysctl knob to let sugid processes dump core (pr 15994))
To: Steven M. Bellovin <smb@cs.columbia.edu>
From: Martin Husemann <martin@duskware.de>
List: tech-kern
Date: 01/26/2006 11:25:38
To be consistent, I think we also should have a sysctl knob that (dis-)allows
root to ptrace(PT_ATTACH, ...) to suid processes, and forbid changing this
setting at securelevel >= 1.
Martin