Re: How to fix the ptrace flaw without rebooting

From: Erik Hensema (erik@hensema.net)
Date: Thu Apr 03 2003 - 07:30:05 EST

Chuck Ebbert (76306.1226@compuserve.com) wrote:
> Author: Chuck Ebbert
> Adapted from: Phrack Inc., Volume 0x0b, Issue 0x3a, Phile #0x07
> Directions: Run this program as root on an x86 machine.
> It will disable the ptrace system call, thus
> fixing the Linux 'ptrace flaw'. (It will also
> break strace, debugging tools and User Mode Linux.)
> WARNING: Your computer may crash or do other strange things
> if you run this program as root. No warranty.

If you can't reboot to apply a security fix, you've got a serious problem.

A better fix in a running system is to simply disable dynamic module
loading: echo /no/such/file > /proc/sys/kernel/modprobe
At the very least you can be sure your machine won't crash this way ;-) 

-- 
Erik Hensema <erik@hensema.net>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

This archive was generated by hypermail 2b29 : Mon Apr 07 2003 - 22:00:19 EST