Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751208AbeACTIS (ORCPT + 1 other); Wed, 3 Jan 2018 14:08:18 -0500 Received: from mail-ua0-f177.google.com ([209.85.217.177]:44011 "EHLO mail-ua0-f177.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750945AbeACTIQ (ORCPT ); Wed, 3 Jan 2018 14:08:16 -0500 X-Google-Smtp-Source: ACJfBouNihnEHxyjGwHlB0eRBI+WDFJ4Fk2rnZ4OqrSyBwCj5OobHF9nPyiGVcTRD9VBDSpWGsTEMQ== Date: Wed, 3 Jan 2018 14:08:08 -0500 From: Tom Horsley To: Kees Cook Cc: "Serge E. Hallyn" , Linus Torvalds , Laura Abbott , David Howells , James Morris , LKML Subject: Re: [PATCH] exec: Weaken dumpability for secureexec Message-ID: <20180103140808.0215ac87@tomh> In-Reply-To: References: <20180102232133.GA39880@beast> <20180103070622.GA6950@mail.hallyn.com> X-Mailer: Claws Mail 3.15.1-dirty (GTK+ 2.24.31; x86_64-redhat-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: On Wed, 3 Jan 2018 09:21:16 -0800 Kees Cook wrote: > The more interesting thing here is that secureexec is set for a > process that ISN'T actually setuid. (ptrace of a setuid process). I > think tha'ts the real bug, but not something I'm going to be able to > fix quickly. So, for now, I want to revert this, then try to fix the > weird case, and see if that breaks anyone, then fix this back to > secureexec. Certainly a program file that has capabilities attached to it via "setcap" is intended to be treated just like setuid if the capabilities it has are a superset of the capabilities of the debugger. (I don't know if that is a useful info in this case, but I thought I'd mention it :-).