ptrace versus setuid changes in 4.14?

From: Tom Horsley
Date: Thu Dec 21 2017 - 09:18:31 EST

Next message: Bartosz Golaszewski: "Re: [PATCH v2 2/5] dt-bindings: at24: add a missing compatible"
Previous message: Matthew Wilcox: "Re: [PATCH v20 3/7 RESEND] xbitmap: add more operations"
Next in thread: Laura Abbott: "Re: ptrace versus setuid changes in 4.14?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On my fedora 26 box with a 4.13 kernel, when a process
under ptrace control did an exec of a setuid program,
the program lost all of its setuid privileges and
ptrace could operate on it like a normal program.

Experimental evidence seems to indicate that on
fedora 27 with a 4.14 kernel, ptrace cannot
do a PEEKDATA to read anything from the just
execed setuid program. (I get errno 5 - I/O error).

Am I confused somehow, or did something really change
in this vicinity?

It puts a real crimp in my fancy debug feature to
patch code into a setuid program to make it re-exec itself,
then detach from it. (I don't suppose we could get
a setoptions feature to tell the kernel to detach
from setuid programs automagically and let the debugger
know it is no longer in control of the process?)

Next message: Bartosz Golaszewski: "Re: [PATCH v2 2/5] dt-bindings: at24: add a missing compatible"
Previous message: Matthew Wilcox: "Re: [PATCH v20 3/7 RESEND] xbitmap: add more operations"
Next in thread: Laura Abbott: "Re: ptrace versus setuid changes in 4.14?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]