Skip to content

RFC: wayland: Drop ptrace logic

Vlad Zahorodnii requested to merge work/zzag/remove-ptrace-logic into master

kwin disables ptrace for a good reason - to prevent other processes from attaching to kwin and snooping sensitive data or taking control of kwin. But, that will also make things such as memory statistics unavailable to read, etc.

On the other hand, the supported platforms where kwin runs all have security measures in places to forbid shady processes ptrace'ing kwin. For example, on Linux it's YAMA.

On Linux, by default, a process can ptrace only its descendants. For example, this can be used by debuggers; otherwise you would need to be the superuser to attach to any process.

This change drops our ptrace logic in favor of system provided security measures. It allows the System Monitor to gather kwin's memory usage statistics and also simplifies code, the current debugger detection logic is not really robust.

If the system provided security measures are proven to be insufficient, we can add the ptrace disabling logic back, but it would be great to avoid that because system monitor won't be able to gather resource usage statistics, which can be useful for detecting memory leaks in plasma wayland session, etc.

Merge request reports

Loading