Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sat, 22 Mar 2003 10:17:16 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sat, 22 Mar 2003 10:17:16 -0500 Received: from node-d-1ea6.a2000.nl ([62.195.30.166]:50927 "EHLO laptop.fenrus.com") by vger.kernel.org with ESMTP id ; Sat, 22 Mar 2003 10:17:15 -0500 Subject: Re: 2.4+ptrace exploit fix breaks root's ability to strace From: Arjan van de Ven Reply-To: arjanv@redhat.com To: Russell King Cc: Alan Cox , Linux Kernel Mailing List In-Reply-To: <20030322141006.A8159@flint.arm.linux.org.uk> References: <20030322103121.A16994@flint.arm.linux.org.uk> <1048345130.8912.9.camel@irongate.swansea.linux.org.uk> <20030322141006.A8159@flint.arm.linux.org.uk> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-I3rp8G6QUI7mrjB/6ZlW" Organization: Red Hat, Inc. Message-Id: <1048346885.1708.2.camel@laptop.fenrus.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.2 (1.2.2-4) Date: 22 Mar 2003 16:28:05 +0100 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1245 Lines: 40 --=-I3rp8G6QUI7mrjB/6ZlW Content-Type: text/plain Content-Transfer-Encoding: quoted-printable > --- orig/kernel/ptrace.c Wed Mar 19 15:54:45 2003 > +++ linux/kernel/ptrace.c Sat Mar 22 10:14:01 2003 > @@ -22,7 +22,7 @@ > int ptrace_check_attach(struct task_struct *child, int kill) > { > mb(); > - if (!is_dumpable(child)) > + if (!is_dumpable(child) && !(child->ptrace & PT_PTRACE_CAP)) > return -EPERM; > =20 > if (!(child->ptrace & PT_PTRACED)) this sounds really wrong; the child says it doesn't want to be ptraced and now you allow it anyway. I think the problem is more that the child isn't dumpable.... checking why --=-I3rp8G6QUI7mrjB/6ZlW Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQA+fIEFxULwo51rQBIRAkCqAJ975Arr9hyugxFiSafSZOI/6Ywz9wCeNLEk 2ZVTEYzWaRqEz9+9t0xP4dQ= =ceZ/ -----END PGP SIGNATURE----- --=-I3rp8G6QUI7mrjB/6ZlW-- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/