Enabling or disabling the Ptrace block in CloudLinux helps control process debugging and tracing permissions, enhancing security or allowing necessary application functionality.
By default, CloudLinux OS does not block the ptrace functionality.
Default Configuration:
kernel.user_ptrace = 1
kernel.user_ptrace_self = 1
- kernel.user_ptrace: Controls the PTRACE_ATTACH functionality.
- kernel.user_ptrace_self: Controls the PTRACE_TRACEME functionality.
Steps to Disable Ptrace:
To disable all ptrace functionalities for users, follow these steps:
- Open the /etc/sysctl.conf file and add the following lines:
## CL: Disable ptrace for users user_ptrace = 0 kernel.user_ptrace_self = 0 ##
- Apply the changes by running:
sysctl -p
Note:
Some software may require partial access to ptrace. If needed, you can disable only one of the options (user_ptrace or user_ptrace_self) depending on the requirement. This will enable partial ptrace protection.
We hope you liked our article. If you need further assistance, feel free to contact our support staff as soon as possible.
Explore more CloudLinux features! Check out How does CloudLinux’s “Options” tab function