As of adb7442, the Neverbleed daemon refuses debuggers from being attached only in the following cases:
- always on Linux
- on OS X, if
neverbleed_setuidgid is called
We should:
- call
ptrace(PT_DENY_ATTACH) on OS X to always refuse
- explore the possibility of doing same onon other OS
Note: this feature is not a must-have; you can use different UIDs for the daemon and the client.
As of adb7442, the Neverbleed daemon refuses debuggers from being attached only in the following cases:
neverbleed_setuidgidis calledWe should:
ptrace(PT_DENY_ATTACH)on OS X to always refuseNote: this feature is not a must-have; you can use different UIDs for the daemon and the client.