Re: 2.4+ptrace exploit fix breaks root's ability to strace

From: Lists (lst) (linux@lapd.cj.edu.ro)
Date: Sun Mar 23 2003 - 05:31:39 EST

On Sat, 22 Mar 2003, Alan Cox wrote:

> On Sat, 2003-03-22 at 10:31, Russell King wrote:
> > Are the authors of the ptrace patch aware that, in addition to closing the
> > hole, the "fix" also prevents a ptrace-capable task (eg, strace started by
> > root) from ptracing user threads?
>
> Its an unintended side effect, nobody has sent a patch to fix it yet.

Hi,

mlafon send a patch to the list:
--------------------------------------------------------------------
Date: Wed, 19 Mar 2003 12:28:02 +0100
From: mlafon@arkoon.net
To: linux-kernel@vger.kernel.org
Subject: Re: Ptrace hole / Linux 2.2.25

The patch breaks /proc/<pid>/cmdline and /proc/<pid>/environ for 'non
dumpable'
processes, even for root.

We need to access theses proc files for processes monitoring.

Included is a patch to restore this functionnality for root.

Any comments ?
(See attached file: cmdline_environ_fix.diff)
--------------------------------------------------------------------

Nobody responded to his e-mail. I attach the patch again. I will test
the patch tomorow.

Cosmin

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

This archive was generated by hypermail 2b29 : Sun Mar 23 2003 - 22:00:44 EST