[charcircuit]

>It's not especially unexpected for a process to be able to modify its own memory.

It is unexpected for Bash to do that so it shouldn't be given access to ptrace.

[Retr0id]

stelf-loader does not use ptrace

[charcircuit]

Writing to /proc/pid/mem requires access to ptrace. I never said it would use ptrace directly.

[Retr0id]

It's gated by the same access control logic that governs ptrace yes, but it does not use ptrace directly nor indirectly. The first step of that logic is:

> If the calling thread and the target thread are in the same thread group, access is always allowed.