Bug ID 1217051
Summary Enable ptrace_scope=1 by default on openSUSE Tumbleweed
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware 64bit
OS openSUSE Tumbleweed
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter 95kreaninw95@gmail.com
QA Contact qa-bugs@suse.de
Target Milestone ---
Found By ---
Blocker --- 

Currently, on openSUSE Tumbleweed, ptrace_scope is disabled by default
(ptrace_scope=0). This makes Chromium sandboxing status showing as no and red
colored for both Ptrace Protection with Yama LSM entries.

Enabling ptrace_scope=1 this fixed the issue. And I think it's a security
hardening for the system.

There's a request to enable this feature on SUSE 15 SP4:
https://bugzilla.suse.com/show_bug.cgi?id=1198601

I am requesting this on openSUSE Tumbleweed.

For reference, ptrace_scope is enabled on Ubuntu since 10.10.

You are receiving this mail because: