Re: [PATCH] i386 ptrace patch needed for user-mode port

Nate Eldredge (neldredge@hmc.edu)
Mon, 27 Sep 1999 12:53:38 -0700


Horst von Brand wrote:
>
> Nate Eldredge <neldredge@hmc.edu> said:
> > Jeff Dike wrote:
> > > Below is a small patch to ptrace which enables it to change system call
> > > numbers. This is needed in order to run the user-mode port.
> > >
> > > It adds range checks to ptrace and to the slow system call path.
> > >
> > > I've been feeding this sporadically to Linus for the last couple of months
> > > with no result. If anyone can clue me in as to what would make this more
> > > acceptable, please do so.
> >
> > This patch also enables a feature in strace that lets it trace child
> > processes spawned by vfork(). I am strongly in favor of its inclusion.
> >
> > I have been running an equivalent patch through several versions of
> > 2.2.x for some months and have experienced absolutely no ill effects.
>
> Has anybody looked closely at possible security implications? I.e., switch
> system call numbers so "read" becomes "write" (or "exec") and run a
> program...

You need permission to trace the process (you must be its owner or
root). And if you have that you can do POKE_DATA and any number of
other exciting things. So I don't think this adds any security issues.

-- 

Nate Eldredge neldredge@hmc.edu

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/