diff --git a/CMakeLists.txt b/CMakeLists.txt --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -24,7 +24,14 @@ include(CheckSymbolExists) check_include_file("sys/prctl.h" HAVE_SYS_PRCTL_H) check_symbol_exists(PR_SET_DUMPABLE "sys/prctl.h" HAVE_PR_SET_DUMPABLE) -add_feature_info("prctl-dumpable" HAVE_PR_SET_DUMPABLE "Required for disallow ptrace on greeter and kcheckpass process") +check_include_file("sys/procctl.h" HAVE_SYS_PROCCTL_H) +check_symbol_exists(PROC_TRACE_CTL "sys/procctl.h" HAVE_PROC_TRACE_CTL) +if (HAVE_PR_SET_DUMPABLE OR HAVE_PROC_TRACE_CTL) + set(CAN_DISABLE_PTRACE TRUE) +endif () +add_feature_info("prctl/procctl tracing control" + CAN_DISABLE_PTRACE + "Required for disallowing ptrace on greeter and kcheckpass process") find_package(KF5 ${KF5_MIN_VERSION} REQUIRED COMPONENTS Crash diff --git a/config-kscreenlocker.h.cmake b/config-kscreenlocker.h.cmake --- a/config-kscreenlocker.h.cmake +++ b/config-kscreenlocker.h.cmake @@ -8,3 +8,5 @@ #cmakedefine01 HAVE_SYS_PRCTL_H #cmakedefine01 HAVE_PR_SET_DUMPABLE +#cmakedefine01 HAVE_SYS_PROCCTL_H +#cmakedefine01 HAVE_PROC_TRACE_CTL diff --git a/greeter/main.cpp b/greeter/main.cpp --- a/greeter/main.cpp +++ b/greeter/main.cpp @@ -32,6 +32,10 @@ #if HAVE_SYS_PRCTL_H #include #endif +#if HAVE_SYS_PROCCTL_H +#include +#include +#endif static void signalHandler(int signum) { @@ -60,6 +64,10 @@ #if HAVE_PR_SET_DUMPABLE prctl(PR_SET_DUMPABLE, 0); #endif +#if HAVE_PROC_TRACE_CTL + int mode = PROC_TRACE_CTL_DISABLE; + procctl(P_PID, getpid(), PROC_TRACE_CTL, &mode); +#endif KLocalizedString::setApplicationDomain("kscreenlocker_greet"); @@ -128,6 +136,10 @@ #if HAVE_PR_SET_DUMPABLE prctl(PR_SET_DUMPABLE, 1); #endif +#if HAVE_PROC_TRACE_CTL + int mode = PROC_TRACE_CTL_ENABLE; + procctl(P_PID, getpid(), PROC_TRACE_CTL, &mode); +#endif } else { app.setImmediateLock(parser.isSet(immediateLockOption)); } diff --git a/kcheckpass/kcheckpass.c b/kcheckpass/kcheckpass.c --- a/kcheckpass/kcheckpass.c +++ b/kcheckpass/kcheckpass.c 
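Review bot: In greeter/main.cpp (hunk `@@ -60,6 +64,10 @@`) the result of `procctl()` is discarded, so if the call fails the greeter keeps running with tracing still permitted and nothing records it. Check the return value, for example `if (procctl(P_PID, getpid(), PROC_TRACE_CTL, &mode) == -1) perror("procctl(PROC_TRACE_CTL)");`, and decide whether the greeter should refuse to continue in that case. The same unchecked call is added in kcheckpass/kcheckpass.c at `@@ -330,6 +335,10 @@`, where it likely matters more because that process checks the password. The existing `prctl(PR_SET_DUMPABLE, 0)` next to it is unchecked too, so both could go through one small helper; the enclosing function starts and ends outside the hunk.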
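Review bot: The second `int mode` in greeter/main.cpp (hunk `@@ -128,6 +136,10 @@`) appears to shadow the `mode` declared under the same `HAVE_PROC_TRACE_CTL` guard in the `@@ -60,6 +64,10 @@` hunk, assuming both sit in the same function, which the hunks do not show. Reusing the variable with `mode = PROC_TRACE_CTL_ENABLE;`, or giving it a distinct name such as `int enableTrace = PROC_TRACE_CTL_ENABLE;`, avoids a `-Wshadow` warning. Because this branch turns tracing back on, it also deserves a short comment saying under which condition that is acceptable; the condition itself is outside the hunk, so the wording has to come from whoever knows that branch.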
@@ -61,6 +61,11 @@ #if HAVE_SYS_PRCTL_H #include #endif +#if HAVE_SYS_PROCCTL_H +#include +#include +#endif + /* Compatibility: accept some options from environment variables */ #define ACCEPT_ENV @@ -330,6 +335,10 @@ #if HAVE_PR_SET_DUMPABLE prctl(PR_SET_DUMPABLE, 0); #endif +#if HAVE_PROC_TRACE_CTL + int mode = PROC_TRACE_CTL_DISABLE; + procctl(P_PID, getpid(), PROC_TRACE_CTL, &mode); +#endif #ifdef HAVE_OSF_C2_PASSWD initialize_osf_security(argc, argv);
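Review bot: `int mode = PROC_TRACE_CTL_DISABLE;` in kcheckpass/kcheckpass.c (hunk `@@ -330,6 +335,10 @@`) is declared mid-function, after whatever statements precede it in the enclosing function, which starts outside the hunk. If this file is still built as C90, that mixed declaration is rejected or warned about; wrapping the two lines in their own block avoids it: `{ int mode = PROC_TRACE_CTL_DISABLE; procctl(P_PID, getpid(), PROC_TRACE_CTL, &mode); }`. A one-line comment such as `/* forbid tracing of this process before doing any authentication work */` would record why the call sits this early.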