Merge pull request rapid7#20126 from bcoles/lib-msf-core-post-linux-kernel-yama

smcintyre-r7 · web-flow · commit b7df5210a917 · 2025-05-08T13:55:44.000-04:00
Msf::Post::Linux::Kernel: Add yama_ptrace_scope method
diff --git a/lib/msf/core/post/linux/kernel.rb b/lib/msf/core/post/linux/kernel.rb
@@ -334,6 +334,26 @@ def selinux_enforcing?
           raise 'Could not determine SELinux status'
         end
 
+        #
+        # Returns Yama LSM ptrace scope level
+        #
+        # @return [Integer] Yama ptrace scope level (0 if disabled or not installed)
+        # @raise [RuntimeError] If execution fails.
+        #
+        def yama_ptrace_scope
+          ptrace_scope = read_file('/proc/sys/kernel/yama/ptrace_scope').to_s.strip
+
+          return 0 unless ptrace_scope
+
+          level = ptrace_scope.scan(/\A(\d+)\z/).flatten.first.to_i
+
+          return 0 unless level
+
+          level
+        rescue StandardError
+          raise 'Could not determine Yama scope'
+        end
+
         #
         # Returns true if Yama is installed
         #
@@ -356,9 +376,7 @@ def yama_installed?
         # @raise [RuntimeError] If execution fails.
         #
         def yama_enabled?
-          return false unless yama_installed?
-
-          !read_file('/proc/sys/kernel/yama/ptrace_scope').to_s.strip.eql? '0'
+          yama_ptrace_scope > 0
         rescue StandardError
           raise 'Could not determine Yama status'
         end
