Re: [PATCH] coredump - as root not only if euid switched

From: Chris Wright
Date: Fri Apr 23 2004 - 12:11:57 EST

Next message: FabF: "[PATCH 2.6.6-rc2-mm1] Default PC bios support fix"
Previous message: Jörn Engel: "Re: Using compression before encryption in device-mapper"
In reply to: Peter Waechtler: "Re: [PATCH] coredump - as root not only if euid switched"
Next in thread: Peter Wächtler: "Re: [PATCH] coredump - as root not only if euid switched"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Peter Waechtler (pwaechtler@xxxxxxx) wrote:
> On Thursday, April 22, 2004, at 09:53PM, Chris Wright <chrisw@xxxxxxxx> wrote:
> >This patch breaks various ptrace() checks.
>
> Care to share your wisdom? No? Then please don't reply

- current->mm->dumpable = 0;
+ current->mm->dump_as_root = 1;

Changes like that break ptrace authentication checks. Look more closely
at what mm->dumpable is used for, you'll see checks like:

if (!task->mm->dumpable && !capable(CAP_SYS_PTRACE))
goto out;

BTW, putting the patch inline makes it easier to comment directly on the
patch.

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: FabF: "[PATCH 2.6.6-rc2-mm1] Default PC bios support fix"
Previous message: Jörn Engel: "Re: Using compression before encryption in device-mapper"
In reply to: Peter Waechtler: "Re: [PATCH] coredump - as root not only if euid switched"
Next in thread: Peter Wächtler: "Re: [PATCH] coredump - as root not only if euid switched"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]