Re: As 2.0 looms

Miquel van Smoorenburg (miquels@drinkel.ow.org)
Tue, 21 May 1996 11:41:02 +0200 (MET DST)


In article <m0uGULF-0005FhC@lightning.swansea.linux.org.uk>,
Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
>> Quick fix in .96, but breaks at least some versions of strace. Changed
>> in .98 - strace works again, but I think there may be a race condition
>> if read() passes the checks, sleeps on memcpy_tofs() due to a swap-in,
>> and the target process execs a setuid program in this time window.
>
>That's bad because with an nfs program and a PC on the lan you can use for
>flooding it becomes quite a wide window.

No, the target program must be PTRACE_ATTACHed and it must also be
in a _stopped_ state. So there is no way for it to continue
running and do an exec or whatever.

Mike.

--
+ Miquel van Smoorenburg   + Cistron Internet Services +  Living is a     |
| miquels@cistron.nl (SP6) | Independent Dutch ISP     |   horizontal     |
+ miquels@drinkel.ow.org   + http://www.cistron.nl/    +      fall        +