Bug 2448388 - Changes/Restrict ptrace by default
Summary: Changes/Restrict ptrace by default
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: Changes Tracking
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Aoife Moloney
QA Contact:
URL:
Whiteboard:
Depends On: 2461598 2461718 2461719 2461721 2461722 2461434 2461617
Blocks: F45Changes
TreeView+ depends on / blocked
 
Reported: 2026-03-17 16:34 UTC by Allison King
Modified: 2026-04-25 21:41 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2026-04-25 21:41:56 UTC
Type: ---
Embargoed:
fedora-admin-xmlrpc: mirror+

Attachments (Terms of Use)

Description Allison King 2026-03-17 16:34:29 UTC 
This is a tracking bug for Change: Changes/Restrict ptrace by default
For more details, see: https://fedoraproject.org/wiki/Changes/Restrict_ptrace_by_default

By default, disable ''some'' debugging permissions for unprivileged users using a system-wide kernel setting, so malware cannot inspect other preexisting processes of an unprivileged user.  When debugging tools are installed, re-enable ''full'' normal functionality system-wide using a sysctl file, as is the status quo up to Fedora 44.

This is a ''compromise'' proposal to followup several failures to achieve a consensus.

If you encounter a bug related to this Change, please do not comment here. Instead create a new bug and set it to block this bug.
Comment 1 Fedora Update System 2026-04-24 18:38:43 UTC 
FEDORA-2026-19c7c2fc5c (elfutils-0.195-1.fc45) has been submitted as an update to Fedora 45.
https://bodhi.fedoraproject.org/updates/FEDORA-2026-19c7c2fc5c
Comment 2 Fedora Update System 2026-04-25 21:41:56 UTC 
FEDORA-2026-19c7c2fc5c (elfutils-0.195-1.fc45) has been pushed to the Fedora 45 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.