Subject: Re: [PATCH 2/2] Yama: add PTRACE exception tracking
From: Eric Paris
To: Kees Cook
Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Date: Wed, 30 Jun 2010 11:41:26 -0400
In-Reply-To: <20100630004027.GG4837@outflux.net>
References: <20100630003844.GE4837@outflux.net> <20100630004027.GG4837@outflux.net>

On Tue, Jun 29, 2010 at 8:40 PM, Kees Cook wrote:
> Some application suites have external crash handlers that depend on
> being able to use PTRACE to generate crash reports (KDE, Chromium, etc).
> Since the inferior process generally knows the PID of the debugger,
> it can use PR_SET_PTRACER to allow a specific PID and its descendants
> to perform the PTRACE instead of only a direct ancestor.
>
> Signed-off-by: Kees Cook

Any normal unprivileged application:

    while (1) {
        prctl(PR_SET_PTRACER, 1, 0, 0, 0);
    }

Watch the kernel run out of memory and bring down the box.

Seems like quite the DoS...

-Eric
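As an added illustration of the concern raised above (this is a hypothetical userspace model, not code from the patch or from Yama), the two functions below contrast an append-only exception table, which grows by one allocation per prctl() call and is bounded only by available memory, with a one-slot-per-tracee table that updates the existing entry in place, so a loop of repeated calls from the same process cannot grow kernel state.

```c
#include <stdlib.h>
#include <stddef.h>
#include <sys/types.h>

/* Hypothetical model of a PR_SET_PTRACER exception table (not Yama's code). */
struct ptracer_entry {
    pid_t tracee;                 /* process that granted the exception */
    pid_t tracer;                 /* PID allowed to ptrace it */
    struct ptracer_entry *next;
};

static struct ptracer_entry *table;   /* singly linked list of exceptions */

/* Append-only: every call allocates a fresh entry, even for a tracee that
 * already has one. Memory use is proportional to the number of calls. */
int set_ptracer_leaky(pid_t tracee, pid_t tracer)
{
    struct ptracer_entry *e = malloc(sizeof(*e));
    if (!e)
        return -1;
    e->tracee = tracee;
    e->tracer = tracer;
    e->next = table;
    table = e;
    return 0;
}

/* One slot per tracee: an existing entry is updated in place, so repeated
 * calls from the same process leave the table size unchanged. */
int set_ptracer_bounded(pid_t tracee, pid_t tracer)
{
    for (struct ptracer_entry *e = table; e; e = e->next)
        if (e->tracee == tracee) {
            e->tracer = tracer;
            return 0;
        }
    return set_ptracer_leaky(tracee, tracer);   /* first entry for this tracee */
}

size_t table_size(void)
{
    size_t n = 0;
    for (struct ptracer_entry *e = table; e; e = e->next)
        n++;
    return n;
}

void table_clear(void)
{
    while (table) {
        struct ptracer_entry *e = table;
        table = e->next;
        free(e);
    }
}

/* Simulate 'calls' prctl() invocations from one process with tracer PID 1
 * (the constructed input) and return the resulting table size. */
size_t simulate(int (*set)(pid_t, pid_t), pid_t tracee, int calls)
{
    table_clear();
    for (int i = 0; i < calls; i++)
        set(tracee, 1);
    return table_size();
}
```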