Disable swap. Disable coredumps. Any other generic OS-level settings you would recommend for running crypto code in a non-dev environment?
@koobs Looks like kernel.user_ptrace requires a specific module that very few distros ship.
-
-
@jedisct1 lcap CAP_SYS_PTRACE ? -
@koobs Linux-specific, but yes, lcap CAP_SYS_PTRACE is not a bad idea. - 5 more replies
New conversation -
-
-
@jedisct1 I read procfs: ptrace_scope via Yama, that the one you mean?Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.