From: Stefano Brivio
To: passt-dev@passt.top
Subject: [PATCH 04/18] passt: Make process not dumpable after sandboxing
Date: Tue, 22 Feb 2022 02:34:20 +0100
Message-ID: <20220222013434.4116044-5-sbrivio@redhat.com>
In-Reply-To: <20220222013434.4116044-1-sbrivio@redhat.com>

Two effects:

- ptrace() on passt and pasta can only be done by root, so that even if
  somebody gains access to the same user, they won't be able to check data
  passed in syscalls anyway. No core dumps allowed either

- /proc/PID files are owned by root:root, and they can't be read by the
  same user as the one passt or pasta are running with

Signed-off-by: Stefano Brivio
---
 passt.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/passt.c b/passt.c
index 508d525..b5086d8 100644
--- a/passt.c
+++ b/passt.c
@@ -406,6 +406,8 @@ int main(int argc, char **argv)
 	else
 		write_pidfile(pidfile_fd, getpid());
 
+	prctl(PR_SET_DUMPABLE, 0);
+
 	seccomp(&c);
 
 	timer_init(&c, &now);
-- 
2.34.1
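Review bot: the return value of prctl(PR_SET_DUMPABLE, 0), added in the hunk right after write_pidfile() and before seccomp(&c), is ignored, so a failure would leave the process dumpable and none of the ptrace, core-dump and /proc/PID ownership restrictions the commit message promises would be in effect, with nothing to show for it. Since this runs before the seccomp filter is installed, failing hard there costs nothing, e.g. if (prctl(PR_SET_DUMPABLE, 0)) { perror("prctl"); exit(EXIT_FAILURE); } or the equivalent with whatever error path passt.c already uses. It is also worth confirming that passt.c already includes <sys/prctl.h>, since the diff adds only the two lines shown and no include.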