Re: ptrace and setuid problem

From: Tom Horsley
Date: Sun Mar 06 2005 - 07:55:33 EST

Next message: Guennadi Liakhovetski: "Re: [2.6.11 Permedia-2 Framebuffer] driver broken (?)."
Previous message: Jim Nelson: "Re: [PATCH 1/13] speedtch: Clean up printk()'s indrivers/usb/atm/speedtch.c"
In reply to: Andreas Schwab: "Re: ptrace and setuid problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andreas Schwab wrote:

Tom Horsley <tomhorsley@xxxxxxxxxxxx> writes:

If I exec a setuid program under ptrace, I can read the image via
PEEKDATA requests.

Only CAP_SYS_PTRACE capable processes get suid/sgid semantics under
ptrace, or can attach to a privileged processes.

Andreas.

I realize the program under ptrace is no longer running setuid, but it is still running,
and the debugger can examine the process memory. With most setuid programs
being installed execute-only with no read access, isn't it a security problem that
I can get read access anyway (at least to the parts of the file that are in LOAD
segments)?

(Although I do notice that my suse 9.2 system has /usr/bin/sudo installed readable -
it is only my fedora core 3 system that has it execute only - just to pick a sample
setuid program).

Maybe setuid shouldn't even be the question, maybe the issue should be that
ptrace can read parts of program files that have no read access.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Guennadi Liakhovetski: "Re: [2.6.11 Permedia-2 Framebuffer] driver broken (?)."
Previous message: Jim Nelson: "Re: [PATCH 1/13] speedtch: Clean up printk()'s indrivers/usb/atm/speedtch.c"
In reply to: Andreas Schwab: "Re: ptrace and setuid problem"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]