Re: PROBLEM: old exploit works!!!

From: Manfred Spraul (
Date: Tue Oct 09 2001 - 15:59:40 EST

> Old exploit which works on kernels up to 2.2.18 (itr doesn't work on 2.2.19)
> works on 2.4.9!!
> I attach that exploit.
> [snip]
> if (check_execve(victim, filename))
> goto exit;
> (void)waitpid(victim, NULL, WUNTRACED);
> if (ptrace(PTRACE_CONT, victim, 0, 0)) {

It doesn't work, only the behaviour changed:
Linux now ignores the setuid bit if you try to ptrace a setuid app (idea from FreeBSD).
Up to 2.2.18 [and 2.4.0-pre?], it tried to return an error message if you try to ptrace a setuid app, and there was a race window
between the test (must be early, since it tries to return an error code) and the actual uid change. I haven't checked how it was
fixed in 2.2.19.


- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to More majordomo info at Please read the FAQ at

This archive was generated by hypermail 2b29 : Mon Oct 15 2001 - 21:00:27 EST