Hello,
After 2.4.21-pre6, I found "ps ax" displays some processes
as the process names which are embraced with square brackets
like these.
1115 ? S 0:00 [httpd]
1478 ? S 0:00 [atd]
It is because proc_pid_cmdline() calls access_process_vm() and it fails.
The patch below fixes the problem. With this patch, access_process_vm()
do not reject requests if the access is read only.
I'm not certain this is right fix, but at least I confirmed
isec-ptrace-kmot-exploit cannot get root privilege with this patch.
Please comment.
diff -Nur linux-2.4.org/kernel/ptrace.c linux-2.4/kernel/ptrace.c
--- linux-2.4.org/kernel/ptrace.c 2003-03-28 15:59:15.000000000 +0900
+++ linux-2.4/kernel/ptrace.c 2003-04-03 16:04:32.000000000 +0900
@@ -140,7 +140,7 @@
/* Worry about races with exit() */
task_lock(tsk);
mm = tsk->mm;
- if (!is_dumpable(tsk) || (&init_mm == mm))
+ if ((!is_dumpable(tsk) || (&init_mm == mm)) && write)
mm = NULL;
if (mm)
atomic_inc(&mm->mm_users);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Apr 07 2003 - 22:00:29 EST