Journal of a Programmer: Ubuntu 10.10 kernel hardening, ptrace protection, and GDB attaching

Monday, December 6, 2010

Ubuntu 10.10 kernel hardening, ptrace protection, and GDB attaching

Today I happened to try to use the gdb debugger to try to attach to an already-running process, and failed:

ptrace: Operation not permitted.

After a certain amount of bashing-of-head-against-wall and cursing-of-frustration-didn't-this-work-before activities, I did a bit of web searching, and found:

gdb attach fails with ptrace: Operation not permitted

SecurityTeam/Roadmap/KernelHardening

Fixing problems on new Ubuntu version "Maverick Meerkat"

I'm not completely sure what to make of this, but the suggested workaround:


# echo 0 > /proc/sys/kernel/yama/ptrace_scope

(executed as root) seems to have done the trick, for now.

If this happened to be your particular nightmare as well, hopefully this saved you a few seconds of anguish...

2 comments:

AnonymousJanuary 22, 2011 at 3:55 PM
Saved me a few seconds. Thanks!
ReplyDelete
Replies
SlaveToSoftwareJuly 15, 2011 at 2:36 PM
Edit /etc/sysctl.d/10-ptrace.conf and set the '1' to a '0'. Then you only need to do this once.
ReplyDelete
Replies

Add comment

Journal of a Programmer

Monday, December 6, 2010

Ubuntu 10.10 kernel hardening, ptrace protection, and GDB attaching

2 comments:

About Me

Blog Archive

Pages