Re: [RFC PATCH] ptrace: add PTRACE_GETFD request

From: Jann Horn
Date: Fri Dec 06 2019 - 14:05:59 EST


On Fri, Dec 6, 2019 at 8:03 PM Sargun Dhillon <sargun@xxxxxxxxx> wrote:
> On Fri, Dec 6, 2019 at 6:10 AM Tycho Andersen <tycho@xxxxxxxx> wrote:
> > On Thu, Dec 05, 2019 at 11:44:53PM +0000, Sargun Dhillon wrote:
> > > take action on an FD on behalf of the tracee. For example, this
> > > can be combined with seccomp's user notification feature to extract
> > > a file descriptor and call privileged syscalls, like binding
> > > a socket to a privileged port.
> >
> > This can already be accomplished via injecting parasite code like CRIU
> > does; adding a ptrace() command like this makes it much nicer to be
> > sure, but it is redundant.
> >
> How can you do this if the tracee doesn't have privilege? For example,
> if the tracee doesn't have CAP_SYS_BIND_SERVICE, how could you
> get it to bind to a port that's privileged without taking the file descriptor
> and doing it in a process that does have CAP_SYS_BIND_SERVICE?

(You can let the parasite send the fd to the tracer via
SCM_CREDENTIALS if you have previously set up a unix domain socket for
this.)