Mitigate ptrace, LD_PRELOAD etc.
For ptrace there is a hook, for stuff like LD_PRELOAD there is the AT_SECURE flag. The question is when to apply these, e.g.:
- if explicitely enabled (i.e. flag in the rules)
- if a process is in
inherit
mode
For ptrace there is a hook, for stuff like LD_PRELOAD there is the AT_SECURE flag. The question is when to apply these, e.g.:
inherit
mode