Re: Flaws in recent Linux kernels

From: Thomas Fischbacher (Thomas.Fischbacher@Physik.Uni-Muenchen.DE)
Date: 10/26/01


Date: Fri, 26 Oct 2001 13:29:41 +0200 (CEST)
From: Thomas Fischbacher <Thomas.Fischbacher@Physik.Uni-Muenchen.DE>
To: Mariusz Woloszyn <emsi@ipartners.pl>
Subject: Re: Flaws in recent Linux kernels
Message-ID: <Pine.LNX.4.33.0110261327040.20409-100000@seekar.cip.physik.uni-muenchen.de>


> if (current->euid ==0 ) {

Hm. Let me think. ptrace is basically used to dig out problems. From the
philosophical point of view, if root ptraces, the program having problems
will run as root. This is a constellation that one might want to avoid.

It's certainly a good thing to be able to ptrace without being root.

-- 
regards,               tf@cip.physik.uni-muenchen.de              (o_
 Thomas Fischbacher -  http://www.cip.physik.uni-muenchen.de/~tf  //\
(lambda (n) ((lambda (p q r) (p p q r)) (lambda (g x y)           V_/_
(if (= x 0) y (g g (- x 1) (* x y)))) n 1))                  (Debian GNU)



Relevant Pages

  • Flaws in recent Linux kernels
    ... The first vulnerability results in local DoS. ... to the ptrace bug mentioned. ... Root compromise by ptrace ... setuid root and world-executable. ...
    (Bugtraq)
  • Re: [PATCH] proc: maps protection
    ... ptrace". ... If this still isn't considered safe, ... files/libraries any other user and root has mmap'd. ... stdio mmap feature that goes even beyond direct mmap to fopen'd). ...
    (Linux-Kernel)
  • Re: exiting chroot()
    ... PD> Only root can ptrace another process. ... except when this second process has signs of former existance under ... another user (sugid flag on BSD, undumpable flag on Linux & Solaris, etc.) ...
    (comp.unix.programmer)
  • Re: [PATCH] proc: maps protection
    ... ptrace". ... If this still isn't considered safe, ... files/libraries any other user and root has mmap'd. ... stdio mmap feature that goes even beyond direct mmap to fopen'd). ...
    (Linux-Kernel)
  • Re: Elder Disaster
    ... has now been blown over by the wind. ... It may try to regrow from the bits of root that you can't dig out, ...
    (uk.rec.gardening)