echo "kernel.yama.ptrace_scope = 2" | sudo tee /etc/sysctl.d/99-ptrace.conf
sudo sysctl -p /etc/sysctl.d/99-ptrace.conf
Value 2 means only processes with CAP_SYS_PTRACE can use ptrace. Debuggers stop
working for regular users. On a production VPS that is an acceptable tradeoff. sudo apt-get update && sudo apt-get dist-upgrade -y
sudo reboot
I caught myself before hitting Enter. The server was running 45 Docker containers:
three PostgreSQL databases, two Redis instances, a voice agent, n8n, Typebot,
Traefik, Prometheus, Grafana, and several production SaaS apps with live users. sysctl kernel.yama.ptrace_scope
If it returns 0 or 1, you are exposed on any unpatched kernel. Two commands fix it
with no reboot required.