Re: ptrace and setuid problem

From: Andreas Schwab
Date: Sun Mar 06 2005 - 07:14:27 EST

Next message: Jim Nelson: "Re: [PATCH 1/13] speedtch: Clean up printk()'s indrivers/usb/atm/speedtch.c"
Previous message: Ondrej Zary: "Re: [patch 2/6] 12/34: cdrom/cdu31a: replace interruptible_sleep_on()with wait_event_interruptible()"
In reply to: Tom Horsley: "ptrace and setuid problem"
Next in thread: Tom Horsley: "Re: ptrace and setuid problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Tom Horsley <tomhorsley@xxxxxxxxxxxx> writes:

> If I exec a setuid program under ptrace, I can read the image via
> PEEKDATA requests.

Only CAP_SYS_PTRACE capable processes get suid/sgid semantics under
ptrace, or can attach to a privileged processes.

Andreas.

--
Andreas Schwab, SuSE Labs, schwab@xxxxxxx
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jim Nelson: "Re: [PATCH 1/13] speedtch: Clean up printk()'s indrivers/usb/atm/speedtch.c"
Previous message: Ondrej Zary: "Re: [patch 2/6] 12/34: cdrom/cdu31a: replace interruptible_sleep_on()with wait_event_interruptible()"
In reply to: Tom Horsley: "ptrace and setuid problem"
Next in thread: Tom Horsley: "Re: ptrace and setuid problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]