> - Shouldn't the test be against the permissions of the tracing
> process, not the process being traced?
Index: fs/exec.c
--- fs/exec.c.orig Sat, 20 Dec 1997 07:21:49 +0100 smurf (kernel_linux/k/28_exec .c 1.61 644) base.8
+++ fs/exec.c Sat, 20 Dec 1997 07:23:13 +0100 smurf (kernel_linux/k/28_exec .c 1.62 644) test.1(w)
@@ -548,9 +580,10 @@
if (id_change) {
/* We can't suid-execute if we're sharing parts of the executable */
/* or if we're being traced (or if suid execs are not allowed) */
+ /* (except that if the superuser is tracing, that's OK) */
/* (current->mm->count > 1 is ok, as we'll get a new mm anyway) */
if (IS_NOSUID(bprm->inode)
- || (current->flags & PF_PTRACED)
+ || ((current->flags & PF_PTRACED) && (current->p_pptr->euid != 0))
|| (current->fs->count > 1)
|| (current->sig->count > 1)
|| (current->files->count > 1)) {
-- Matthias Urlichs noris network GmbH- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu