Kees Cook keescook@chromium.org writes:
On Thu, Oct 28, 2021 at 05:06:53PM -0500, Eric W. Biederman wrote:
Kees Cook keescook@chromium.org writes:
On Thu, Oct 28, 2021 at 12:26:26PM -0500, Eric W. Biederman wrote:
Is it a problem that the debugger can see the signal if the process does not?
Right, I'm trying to understand that too. However, my neighbor just lost power. :|
What I was in the middle of checking was what ptrace "sees" going through a fatal SIGSYS; my initial debugging attempts were weird.
Kees have you regained power and had a chance to see my SA_IMMUTABLE patch?
Does what I implemented seem like it will work for you?
I think it is a solid and simple solution to a pair of problems with my change to use the ordinary coredump path for seccomp. But I would very much love to hear it seems reasonable to you, as you were looking at the problem as well.
Eric