pub fn classify_ptrace(tracer_name: &str, tracee_name: &str) -> bool
Classify whether a ptrace relationship is suspicious.
Flags tracers with empty names, tracers of high-value system processes, and self-tracing processes.