Skip to main content
Sign in

CloudLinux Knowledge Base

  1. CloudLinux
  2. CloudLinux OS
  3. CloudLinux Kernels

How to enable/disable the Ptrace block?

Roman Tsysar
  • Updated

Issue

How to enable/disable ptrace block?

Environment

  • CloudLinux OS

Solution

1. By default, CloudLinux OS doesn't prevent the ptrace functionality.

Defaults:

kernel.user_ptrace = 1
kernel.user_ptrace_self = 1
  • The kernel.user_ptrace option disables the PTRACE_ATTACH functionality.
  • The kernel.user_ptrace_self option disables the PTRACE_TRACEME functionality.

2. To disable all ptrace functionality, change both sysctl options to 0, add this section to the /etc/sysctl.conf:

## CL. Disable ptrace for users
kernel.user_ptrace = 0
kernel.user_ptrace_self = 0
##

3. Apply the changes with:

$ sysctl -p

Different software could need different access to the ptrace. You may need to change only one option to 0 to make them working. In this case, there will be only partial ptrace protection.

Useful links

https://docs.cloudlinux.com/cloudlinux_os_kernel/#ptrace-block

 

 

Comments

0 comments

Please sign in to leave a comment.

Related articles