Index: linux-2.6.17/kernel/ptrace.c
===================================================================
--- linux-2.6.17.orig/kernel/ptrace.c
+++ linux-2.6.17/kernel/ptrace.c
@@ -133,6 +133,11 @@ static int may_attach(struct task_struct
 	smp_rmb();
 	if (!task->mm->dumpable && !capable(CAP_SYS_PTRACE))
 		return -EPERM;
+	if (!vx_check(task->xid, VX_ADMIN_P|VX_IDENT))
+		return -EPERM;
+	if (!vx_check(task->xid, VX_IDENT) &&
+		!task_vx_flags(task, VXF_STATE_ADMIN, 0))
+		return -EACCES;
 
 	return security_ptrace(current, task);
 }