Re: Interesting process tracing glitch

Matthias Urlichs (smurf@work.noris.de)
21 Apr 1998 12:36:28 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Bjarni R. Einarsson: "2.0.34pre9 woes."
Previous message: Alan Cox: "Re: [/driver/scsi] new structure > 2.1.75"

Colin Plumb <colin@nyx.net> writes:
> I was trying to debug Samba printing, so I attached an strace -f
> to the smbd server. This causes execve("/usr/bin/lpr") to fail with
> EPERM, which makes firther debugging difficult.
>
... which is kindof stupid since the tracing process is root anyway and
could just reattach itself immediately (thereby missing the crucial first
few steps of the new image...).

> - Shouldn't the test be against the permissions of the tracing
> process, not the process being traced?

Index: fs/exec.c
--- fs/exec.c.orig Sat, 20 Dec 1997 07:21:49 +0100 smurf (kernel_linux/k/28_exec .c 1.61 644) base.8
+++ fs/exec.c Sat, 20 Dec 1997 07:23:13 +0100 smurf (kernel_linux/k/28_exec .c 1.62 644) test.1(w)
@@ -548,9 +580,10 @@
if (id_change) {
/* We can't suid-execute if we're sharing parts of the executable */
/* or if we're being traced (or if suid execs are not allowed) */
+ /* (except that if the superuser is tracing, that's OK) */
/* (current->mm->count > 1 is ok, as we'll get a new mm anyway) */
if (IS_NOSUID(bprm->inode)
- || (current->flags & PF_PTRACED)
+ || ((current->flags & PF_PTRACED) && (current->p_pptr->euid != 0))
|| (current->fs->count > 1)
|| (current->sig->count > 1)
|| (current->files->count > 1)) {

-- Matthias Urlichs noris network GmbH

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu

Next message: Bjarni R. Einarsson: "2.0.34pre9 woes."
Previous message: Alan Cox: "Re: [/driver/scsi] new structure > 2.1.75"