Hrm, this looks like it might be a legit regression. 4.4.0-8 passes the test, while 4.4.0-9.X is failing. In both instances, /proc/sys/kernel/yama/ptrace_scope is set to 1. It looks like cousin processes are allowed to ptrace each other, which yama's ptrace restrictions should prevent.
Looking at the git commits between tags Ubuntu-4.4.0-8.23 and Ubuntu-4.4.0-9.24, the following commits stand out as being ptrace relevent:
commit 969624b7c1c8c9784651eb97431e6f2bbb7a024c
Author: Jann Horn <email address hidden>
Date: Wed Jan 20 15:00:04 2016 -0800
ptrace: use fsuid, fsgid, effective creds for fs access checks
upstream commit caaee6234d05a58c5b4d05e7bf766131b810a657 upstream.
and
commit a76b8ce7ad1f65a96638f161ff83075de04ec9cc
Author: Jann Horn <email address hidden>
Date: Sat Dec 12 21:12:41 2015 +0100
UBUNTU: SAUCE: (noup) ptrace: being capable wrt a process requires mapped uids/gids
upstream reference https://lkml.org/lkml/2015/12/12/259
But it's not obvious to me why either commit would break this.
Hrm, this looks like it might be a legit regression. 4.4.0-8 passes the test, while 4.4.0-9.X is failing. In both instances, /proc/sys/ kernel/ yama/ptrace_ scope is set to 1. It looks like cousin processes are allowed to ptrace each other, which yama's ptrace restrictions should prevent.
Looking at the git commits between tags Ubuntu-4.4.0-8.23 and Ubuntu-4.4.0-9.24, the following commits stand out as being ptrace relevent:
commit 969624b7c1c8c97 84651eb97431e6f 2bbb7a024c c5b4d05e7bf7661 31b810a657 upstream.
Author: Jann Horn <email address hidden>
Date: Wed Jan 20 15:00:04 2016 -0800
ptrace: use fsuid, fsgid, effective creds for fs access checks
upstream commit caaee6234d05a58
and
commit a76b8ce7ad1f65a 96638f161ff8307 5de04ec9cc /lkml.org/ lkml/2015/ 12/12/259
Author: Jann Horn <email address hidden>
Date: Sat Dec 12 21:12:41 2015 +0100
UBUNTU: SAUCE: (noup) ptrace: being capable wrt a process requires mapped uids/gids
upstream reference https:/
But it's not obvious to me why either commit would break this.