https://bugs.kde.org/show_bug.cgi?id=345414

--- Comment #14 from Miroslav Franc <mfr...@gmx.com> ---
(In reply to Paul Floyd from comment #13)
> Is that safe to do?
> 
> Valgrind, a bit like GDB, is a security risk.

No doubt about that.  But you can always make things safer by disallowing
stuff.

> On FreeBSD sysctl security.bsd.unprivileged_proc_debug controls whether
> applications like gdb or valgrind can run. Does Linux have an equivalent?

I haven't used FreeBSD for like 18 years, and I'm not sure what exactly it
does, but there's a possibility of doing `sysctl -w kernel.yama.ptrace_scope=2`
or similar on Linux to restrict what you can do with ptrace.  But I don't think
that restricts valgrind though, just gdb, strace etc.  Is Valgrind using ptrace
for something?

> FreeBSD Valgrind does support Capsicum (its capability mode interface), but
> it just passes on syscalls (after printing a warning when calling
> cap_enter). That means some Valgrind functionality is lost (specifically
> opening files after entering capability mode, which at least one of the tools
> uses).

The trouble is that it's a bit random what is disallowed by seccomp.  The
default filter will kill valgrind for sure, and otherwise it's about analyzing
a random cBPF filter that might be completely different per application.

But bear in mind that I'm not proposing this to be the default behaviour.
Nothing really changes except that you now have a choice to disable sandboxing.
It's, I think, reasonably well described in the man page, including the
security implications.

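The comment above mentions two Linux knobs that decide whether a tracing tool can work on a given process: the `kernel.yama.ptrace_scope` sysctl and the seccomp filter the target application has already installed. The following script is an added example, not code from the bug thread or from Valgrind: it reads the live ptrace_scope value (if Yama is present) and parses the `Seccomp:` / `Seccomp_filters:` fields of a `/proc/<pid>/status` text so a defender can see, before reaching for valgrind or gdb, whether the process is sandboxed and whether attaching is restricted. The `/proc/<pid>/status` excerpt embedded below is constructed sample input; the `Seccomp_filters` field only exists on newer kernels, so the parser treats it as optional.

```python
"""Added example (not from the bug report): summarise the two Linux
restrictions discussed in the thread, ptrace_scope and seccomp."""
import re

# Meanings of kernel.yama.ptrace_scope, per the kernel's Yama documentation.
PTRACE_SCOPE = {
    0: "classic: any process may ptrace another with the same uid",
    1: "restricted: only descendants (or PR_SET_PTRACER targets) can be attached",
    2: "admin-only: attaching requires CAP_SYS_PTRACE",
    3: "no attach: ptrace attach disabled until reboot",
}

# Meanings of the Seccomp: field in /proc/<pid>/status.
SECCOMP_MODE = {0: "disabled", 1: "strict", 2: "filter"}


def parse_proc_status(text):
    """Extract seccomp mode and filter count from /proc/<pid>/status text.

    Seccomp_filters is absent on older kernels, so default it to 0."""
    fields = {}
    for line in text.splitlines():
        m = re.match(r"^(Seccomp|Seccomp_filters):\s*(\d+)\s*$", line)
        if m:
            fields[m.group(1)] = int(m.group(2))
    mode = fields.get("Seccomp")
    return {
        "mode": mode,
        "mode_name": SECCOMP_MODE.get(mode, "unknown"),
        "filters": fields.get("Seccomp_filters", 0),
    }


def describe_ptrace_scope(value):
    """Human-readable meaning of a ptrace_scope value."""
    return PTRACE_SCOPE.get(value, "unknown value")


def read_ptrace_scope(path="/proc/sys/kernel/yama/ptrace_scope"):
    """Return the live sysctl value, or None when Yama is not available."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def assess(status_text, ptrace_scope):
    """Combine both checks into a list of findings for the operator."""
    summary = parse_proc_status(status_text)
    notes = []
    if summary["mode"] == 2:
        notes.append("target runs under a seccomp filter; a tool that issues a "
                     "syscall the filter denies may be killed (SECCOMP_RET_KILL)")
    elif summary["mode"] == 1:
        notes.append("strict seccomp: only read/write/_exit/sigreturn are allowed")
    if ptrace_scope is not None and ptrace_scope >= 2:
        notes.append("ptrace attach needs CAP_SYS_PTRACE, so gdb/strace attach "
                     "is blocked for unprivileged users")
    return summary, notes


# Constructed sample: an excerpt of /proc/<pid>/status for a sandboxed process.
SAMPLE_STATUS = """\
Name:\tsandboxed-app
State:\tS (sleeping)
Seccomp:\t2
Seccomp_filters:\t1
"""

if __name__ == "__main__":
    scope = read_ptrace_scope()
    summary, notes = assess(SAMPLE_STATUS, scope)
    print("seccomp:", summary)
    print("ptrace_scope:", scope,
          describe_ptrace_scope(scope) if scope is not None else "(Yama not present)")
    for note in notes:
        print("-", note)
```

Run it as root or as the user owning the target to read a real `/proc/<pid>/status`; the sample text above stands in for that file so the script also runs on a machine without Yama or seccomp.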