Searched refs:CAP_SYS_PTRACE (Results 1 – 12 of 12) sorted by relevance
| /linux-6.6.21/security/yama/ |
| D | yama_lsm.c | 371 !ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
377 if (!ns_capable(__task_cred(child)->user_ns, CAP_SYS_PTRACE)) in yama_ptrace_access_check()
407 if (!has_ns_capability(parent, current_user_ns(), CAP_SYS_PTRACE)) in yama_ptrace_traceme()
437 if (write && !capable(CAP_SYS_PTRACE)) in yama_dointvec_minmax()
|
| /linux-6.6.21/Documentation/admin-guide/LSM/ |
| D | Yama.rst | 34 work), or with ``CAP_SYS_PTRACE`` (i.e. "gdb --pid=PID", and "strace -p PID"
49 The sysctl settings (writable only with ``CAP_SYS_PTRACE``) are:
68 only processes with ``CAP_SYS_PTRACE`` may use ptrace, either with
|
| D | Smack.rst | 299 ``PTRACE_READ`` is not affected. Can be overridden with ``CAP_SYS_PTRACE``.
303 exception that it can't be overridden with ``CAP_SYS_PTRACE``.
|
| /linux-6.6.21/include/uapi/linux/ |
| D | capability.h | 236 #define CAP_SYS_PTRACE 19 macro
|
| /linux-6.6.21/security/apparmor/ |
| D | task.c | 276 ad->error = aa_capable(cred, &tracer->label, CAP_SYS_PTRACE, in profile_tracer_perm()
|
| /linux-6.6.21/kernel/ |
| D | capability.c | 519 ret = security_capable(cred, ns, CAP_SYS_PTRACE, in ptracer_capable()
|
| D | ptrace.c | 282 return ns_capable_noaudit(ns, CAP_SYS_PTRACE); in ptrace_has_cap()
283 return ns_capable(ns, CAP_SYS_PTRACE); in ptrace_has_cap()
|
| /linux-6.6.21/security/ |
| D | commoncap.c | 150 if (ns_capable(child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_access_check()
182 if (has_ns_capability(parent, child_cred->user_ns, CAP_SYS_PTRACE)) in cap_ptrace_traceme()
|
| /linux-6.6.21/Documentation/admin-guide/ |
| D | perf-security.rst | 90 So unprivileged processes provided with CAP_SYS_PTRACE capability are
92 CAP_SYS_PTRACE capability is not required and CAP_PERFMON is enough to
|
| /linux-6.6.21/Documentation/admin-guide/mm/ |
| D | userfaultfd.rst | 68 process needs the CAP_SYS_PTRACE capability, or the system must have
79 the same time (as e.g. granting CAP_SYS_PTRACE would do). Users who have access
|
| /linux-6.6.21/fs/ |
| D | userfaultfd.c | 2052 if ((features & UFFD_FEATURE_EVENT_FORK) && !capable(CAP_SYS_PTRACE)) in userfaultfd_api()
2227 if (capable(CAP_SYS_PTRACE)) in userfaultfd_syscall_allowed()
|
| /linux-6.6.21/security/smack/ |
| D | smack_lsm.c | 455 else if (smack_privileged_cred(CAP_SYS_PTRACE, tracercred)) in smk_ptrace_rule_check()
|