Y
Hacker News
new
|
ask
|
show
|
jobs
by
remram
1263 days ago
strace uses ptrace, which is not safe for security use because of race conditions. Linux Security Modules should be used.
https://stackoverflow.com/a/4421762/711380
1 comments
ashishbijlani
1263 days ago
Thanks for highlighting this! While PTRACE introduces TOCTTOU vulnerabilities, Packj sandboxes fixes that by using read-only args for ptrace. You can find my PhD work [1] on this relevant.
1.
https://lwn.net/Articles/803890/
link
1. https://lwn.net/Articles/803890/