Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Sat, 22 Mar 2003 12:50:27 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Sat, 22 Mar 2003 12:50:27 -0500 Received: from caramon.arm.linux.org.uk ([212.18.232.186]:33033 "EHLO caramon.arm.linux.org.uk") by vger.kernel.org with ESMTP id ; Sat, 22 Mar 2003 12:50:26 -0500 Date: Sat, 22 Mar 2003 18:01:27 +0000 From: Russell King To: Alan Cox Cc: Arjan van de Ven , Linux Kernel Mailing List Subject: Re: 2.4+ptrace exploit fix breaks root's ability to strace Message-ID: <20030322180127.J8712@flint.arm.linux.org.uk> Mail-Followup-To: Alan Cox , Arjan van de Ven , Linux Kernel Mailing List References: <20030322103121.A16994@flint.arm.linux.org.uk> <1048345130.8912.9.camel@irongate.swansea.linux.org.uk> <20030322141006.A8159@flint.arm.linux.org.uk> <1048346885.1708.2.camel@laptop.fenrus.com> <20030322171312.H8712@flint.arm.linux.org.uk> <1048360147.9221.26.camel@irongate.swansea.linux.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5.1i In-Reply-To: <1048360147.9221.26.camel@irongate.swansea.linux.org.uk>; from alan@lxorguk.ukuu.org.uk on Sat, Mar 22, 2003 at 07:09:08PM +0000 X-Message-Flag: Your copy of Microsoft Outlook is vurnerable to viruses. See www.mutt.org for more details. Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1205 Lines: 29 On Sat, Mar 22, 2003 at 07:09:08PM +0000, Alan Cox wrote: > On Sat, 2003-03-22 at 17:13, Russell King wrote: > > ptrace has always explicitly allowed a process with the CAP_SYS_PTRACE > > capability to ptrace a task which isn't dumpable. With the ptrace "fix" > > in place, you can attach to a non-dumpable thread: > > Note that this is a bug, and is now a fixed bug. The looser check you > can do requires you check > > my_capabilities >= his capbilities > > Otherwise you have priviledge escalation for CAP_SYS_PTRACE to > CAP_SYS_RAWIO trivially In which case we should not allow ptrace to even attach to the process. Currently you can attach to such a process and stop it running, even if you have lesser priviledges than the child. Therefore, I wouldn't call this "fixed" in the existing ptrace patch. -- Russell King (rmk@arm.linux.org.uk) The developer of ARM Linux http://www.arm.linux.org.uk/personal/aboutme.html - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/