Re: 2.4+ptrace exploit fix breaks root's ability to strace

• Next message: jordan.breeding@attbi.com: "Re: small devfs patch for 2.5.65, plan to replace /sbin/hotplug"
• Previous message: Alan Cox: "Re: 2.5.65-ac2 -- hda/ide trouble on ICH4"
• In reply to: Russell King: "Re: 2.4+ptrace exploit fix breaks root's ability to strace"
• Next in thread: Russell King: "Re: 2.4+ptrace exploit fix breaks root's ability to strace"
• Reply: Russell King: "Re: 2.4+ptrace exploit fix breaks root's ability to strace"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> --- orig/kernel/ptrace.c Wed Mar 19 15:54:45 2003
> +++ linux/kernel/ptrace.c Sat Mar 22 10:14:01 2003
> @@ -22,7 +22,7 @@
> int ptrace_check_attach(struct task_struct *child, int kill)
> {
> mb();
> - if (!is_dumpable(child))
> + if (!is_dumpable(child) && !(child->ptrace & PT_PTRACE_CAP))
> return -EPERM;
>
> if (!(child->ptrace & PT_PTRACED))

this sounds really wrong; the child says it doesn't want to be ptraced
and now you allow it anyway. I think the problem is more that the child
isn't dumpable.... checking why

• application/pgp-signature attachment: This is a digitally signed message part

• Next message: jordan.breeding@attbi.com: "Re: small devfs patch for 2.5.65, plan to replace /sbin/hotplug"
• Previous message: Alan Cox: "Re: 2.5.65-ac2 -- hda/ide trouble on ICH4"
• In reply to: Russell King: "Re: 2.4+ptrace exploit fix breaks root's ability to strace"
• Next in thread: Russell King: "Re: 2.4+ptrace exploit fix breaks root's ability to strace"
• Reply: Russell King: "Re: 2.4+ptrace exploit fix breaks root's ability to strace"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Mar 23 2003 - 22:00:41 EST