Re: Ptrace hole / Linux 2.2.25

From: Ben Pfaff (blp@cs.stanford.edu)
Date: Mon Mar 17 2003 - 13:39:31 EST


Alan Cox <alan@redhat.com> writes:

> A patch for Linux 2.4.20/Linux 2.4.21pre is attached. The patch also
> subtly changes the PR_SET_DUMPABLE prctl. We believe this is necessary and
> that it will not affect any software. The functionality change is specific
> to unusual debugging situations.

I am concerned about this change because it will break sandboxing
software that I have written, which uses prctl() to turn
dumpability back on so that it can open a file, setuid(), and
then execve() through the open file via /proc/self/fd/#. Without
calling prctl(), the ownership of /proc/self/fd/* becomes root,
so the process cannot exec it after it drops privileges. It uses
prctl() in other places to get the same effect in /proc, but
that's one of the most critical.

-- 
<blp@cs.stanford.edu> <pfaffben@msu.edu> <pfaffben@debian.org> <blp@gnu.org>
  Stanford Ph.D. Student - MSU Alumnus - Debian Maintainer - GNU Developer
                              www.benpfaff.org
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/


