using capabilities to allow debug of suid-root programs (ptrace

peeterj@ca.ibm.com
Sat, 17 Apr 1999 01:17:57 -0400


Hi Andrew,

I was looking into the use of linux capabilities to allow debugging of
setuid root programs by allowing cap_sys_ptrace.

I have built and installed libcap on a machine running 2.2, but now that I
have done so I am not exactly sure how to go about allowing selective
ptrace. The first place I looked into was the faq, but the link
(ftp://ftp.guardian.no/pub/free/linux/capabilities/capfaq.txt) seems to be
dead. Do you know of an updated url?

The reason that I want to do this is because Linux seems to not allow
debugging of a suid root program even after dropping all root authorities
(even after calling ALL of set[ug]id, sete[ug]id, and setre[ug]id to not
root group and id). However, we need to allow our programmers to debug and
don't neccessarily want to start passing out the root password all over the
place.

By cc to any kernel developers, is this ptrace behaviour a linux bug, and
if not what is the rational (is more needed then dropping the root
uid/gid?).

Peeter

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/