Module yama 

YAMA hook implementations used to restirct ptrace access. This module implements the YAMA LSM functionality, used to lock down ptrace access.

Structs

PtraceScopeFile

Constants

SCOPE_ADMIN_ONLY

2 means tracer needs to have CAP_SYS_PTRACE

SCOPE_CLASSIC

Scope definitions for Yama. For full details, see ptrace(2). 0 means classic ptrace checks, without additional restrictions. This is the Starnix default (i.e. YAMA is not active).

SCOPE_NO_ATTACH

3 means no process can attach.

SCOPE_RESTRICTED

1 means tracer needs to have CAP_SYS_PTRACE or be a parent / child process. This is the default with YAMA active.