> Horst von Brand wrote:
> >
> > Nate Eldredge <neldredge@hmc.edu> said:
> > > Jeff Dike wrote:
> > > > Below is a small patch to ptrace which enables it to change system call
> > > > numbers. This is needed in order to run the user-mode port.
> > > >
> > > > It adds range checks to ptrace and to the slow system call path.
> > > >
> > > > I've been feeding this sporadically to Linus for the last couple of months
> > > > with no result. If anyone can clue me in as to what would make this more
> > > > acceptable, please do so.
> > >
> > > This patch also enables a feature in strace that lets it trace child
> > > processes spawned by vfork(). I am strongly in favor of its inclusion.
> > >
> > > I have been running an equivalent patch through several versions of
> > > 2.2.x for some months and have experienced absolutely no ill effects.
> >
> > Has anybody looked closely at possible security implications? I.e., switch
> > system call numbers so "read" becomes "write" (or "exec") and run a
> > program...
>
> You need permission to trace the process (you must be its owner or
> root). And if you have that you can do POKE_DATA and any number of
> other exciting things. So I don't think this adds any security issues.
Hmmm, but how does it works in a capability system? I don't know
capabilities, but presumably you can have TRACE-permissions without having
MEM_WRITE permissions.
/David
_ _
// David Weinehall <tao@acc.umu.se> /> Northern lights wander \\
// Project MCA Linux hacker // Dance across the winter sky //
\> http://www.acc.umu.se/~tao/ </ Full colour fire </
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/