Difference between revisions of "Vuln kernel harden ptrace"

From Atomicorp Wiki
Jump to: navigation, search
(Created page with "= Kernel ptrace() restrictions are not enforced = The ASL kernel can enforce limitations on certain debugging capabilities to prevent them from being used to compromise t...")

Revision as of 18:45, 10 February 2012

Kernel ptrace() restrictions are not enforced

The ASL kernel can enforce limitations on certain debugging capabilities to prevent them from being used to compromise the system. One of these is ptrace() function. non-ASL kernels do not have this capability. Attackers can use this capability to attach to running processes and either steal information from the processes, potentially gaining information such as password, encryption keys and other sensitive information, or they may be able to potentially compromise the system or applications on the system.

Next Steps

First check to see if you are using the ASL kernel by going to this link.

If you are not running the ASL kernel:

Please reboot your system into the ASL kernel.

Note: If you have a VPS system, you will not have your own kernel. Please install ASL on the host server.

If you are running the ASL kernel:

Log into the ASL GUI, click on Configuration and select the ASL configuration menu option. This will open the ASL configuration screen. Scroll down to HARDEN_PTRACE and set this to "yes" then click update. You will need to reboot your server for this setting to be implemented on the server.

Personal tools