ptrace.2: Describe PTRACE_MODE_NOAUDIT in more detail

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
author: Stephen Smalley <sds@tycho.nsa.gov> 2016-06-24 10:27:53 +0200
committer: Michael Kerrisk <mtk.manpages@gmail.com> 2016-06-29 07:06:29 +0200
commit: 3cd161fe570b627d6198e631f4cc69e2f492bd17 (patch)
tree: a73e415cafa6b16cf8d0fe661349b58bc7232082
parent: 78f0786577f70872152627847410f96af08382fd (diff)
download: man-pages-3cd161fe570b627d6198e631f4cc69e2f492bd17.tar.gz
1 files changed, 9 insertions, 0 deletions
diff --git a/man2/ptrace.2 b/man2/ptrace.2
index 82c04ad8ac..65bf060c4a 100644
--- a/man2/ptrace.2
+++ b/man2/ptrace.2
@@ -2168,6 +2168,15 @@ One further modifier can be ORed with the access mode:
 .\" commit 69f594a38967f4540ce7a29b3fd214e68a8330bd
 .\" Just for /proc/pid/stat
 Don't audit this access mode check.
+This modifier is employed for ptrace access mode checks
+(such as checks when reading
+.IR /proc/[pid]/stat )
+that merely cause the output to be filtered or sanitized,
+rather than causing an error to be returned to the caller.
+In these cases, accessing the file is not a security violation and
+there is no reason to generate a security audit record.
+This modifier suppresses the generation of
+such an audit record for the particular access check.
 .PP
 The algorithm employed for ptrace access mode checking determines whether
 the calling process is allowed to perform the corresponding action
author	Stephen Smalley <sds@tycho.nsa.gov>	2016-06-24 10:27:53 +0200
committer	Michael Kerrisk <mtk.manpages@gmail.com>	2016-06-29 07:06:29 +0200
commit	3cd161fe570b627d6198e631f4cc69e2f492bd17 (patch)
tree	a73e415cafa6b16cf8d0fe661349b58bc7232082
parent	78f0786577f70872152627847410f96af08382fd (diff)
download	man-pages-3cd161fe570b627d6198e631f4cc69e2f492bd17.tar.gz