Re: [RFC 0/1] BPF tracing for arm64 using fprobe
From: Steven Rostedt
Date: Mon Nov 21 2022 - 10:40:07 EST
On Mon, 21 Nov 2022 16:29:54 +0100
KP Singh <kpsingh@xxxxxxxxxx> wrote:
> I am not sure how they can circumvent security since this needs root /
> root equivalent permissions. Fault injection is actually a very useful
> debugging tool.
On ChromeOS, we even consider root untrusted and lock down pretty
much all privileged activities (like loading modules and such).
As you said. It's a good debugging tool. Not something to allow in
production environments. Or at the very least, allow admins to disable it.
-- Steve