# Description: Disable ptrace() and core dumping for programs using libpolkit
# Ubuntu: https://wiki.ubuntu.com/DesktopTeam/Specs/PolicyKitIntegration
# Upstream: https://bugs.freedesktop.org/show_bug.cgi?id=13742

--- policykit-0.6/polkit/polkit-policy-default.c	2007-09-26 22:13:58.000000000 +0200
+++ policykit-0.6.new/polkit/polkit-policy-default.c	2007-12-20 01:15:28.000000000 +0100
@@ -35,6 +35,7 @@
 #include <grp.h>
 #include <unistd.h>
 #include <errno.h>
+#include <sys/prctl.h>
 
 #include <glib.h>
 #include "polkit-debug.h"
@@ -281,3 +282,14 @@
         return policy_default->default_active;
 }
 
+
+/**
+ * Library constructor: Disable ptrace() and core dumping for applications
+ * which use this library, so that local trojans cannot silently abuse PK
+ * privileges. (This is a just a bandaid, not a robust solution).
+ */
+__attribute__ ((constructor))
+void init()
+{
+        prctl(PR_SET_DUMPABLE, 0);
+}