Re: strace security <feature>

Peter Benie (pjb1008@cam.ac.uk)
Thu, 30 Dec 1999 17:44:10 +0000

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Michael L. Welles: "Sealevel 4021 raw capture"
Previous message: Keith Bottner: "Problem running 2.2.13"

Richard B. Johnson writes ("Re: strace security <feature>"):
> On Thu, 30 Dec 1999, Peter Benie wrote:
> > Alan Cox writes ("Re: strace security <feature>"):
> > > strace is not meant to be installed setuid root.
> >
> > That's not entirely true - see the 'setuid installation' section of
> > the manpage.
>
> Certainly `cp` never attempted to obtain root privilege so the suid-root
> bit set in its parent's file should have done nothing.

That's not true. The reasons have been hashed out by others in the
thread, but they are missing the point that strace is expecting that
it might be installed setuid and so should demote privilege before
running cp.

Failure to demote privilege means that strace has failed to provide cp
with its normal environment so the behaviour of a traced cp could be
different from a untraced cp. This _is_ a bug in strace, however, it
is _not_ a security bug since anyone who can run a setuid-root strace
is trusted anyway.

Peter

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Michael L. Welles: "Sealevel 4021 raw capture"
Previous message: Keith Bottner: "Problem running 2.2.13"