GitLab

I've written a small patch that helps disable ptracing Tor on modern Linux systems. It may also work on *BSD but I haven't tested it on anything except Ubuntu 11.04 on x86_64.

Here's the git branch off of a very recent master: https://gitweb.torproject.org/ioerror/tor.git/shortlog/refs/heads/DisableDebuggerAttachment

When this is running you'll not be able to attach to the Tor unless you're root, even if you're running Tor as the same user as gdb/strace/etc:

% gdb -p 31053
GNU gdb (Ubuntu/Linaro 7.2-1ubuntu11) 7.2
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Attaching to process 31053
Could not attach to process.  If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user.  For more details, see /etc/sysctl.d/10-ptrace.conf
ptrace: Operation not permitted.

% strace -p 31053
attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted
Could not attach to process.  If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user.  For more details, see /etc/sysctl.d/10-ptrace.conf