mirror of
https://github.com/RGBCube/serenity
synced 2025-07-27 22:07:35 +00:00
Kernel: Add dedicated "ptrace" pledge promise
The vast majority of programs don't ever need to use sys$ptrace(), and it seems like a high-value system call to prevent a compromised process from using. This patch moves sys$ptrace() from the "proc" promise to its own, new "ptrace" promise and updates the affected apps.
This commit is contained in:
Andreas Kling
parent
127ce32d9e
commit
f03800cee3
6 changed files with 7 additions and 5 deletions
|
|
@ -112,7 +112,7 @@ static NonnullOwnPtr<HashMap<void*, X86::Instruction>> instrument_code()
|
|||
|
||||
int main(int argc, char** argv)
|
||||
{
|
||||
if (pledge("stdio proc exec rpath sigaction", nullptr) < 0) {
|
||||
if (pledge("stdio proc exec rpath sigaction ptrace", nullptr) < 0) {
|
||||
perror("pledge");
|
||||
return 1;
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue