Re: Why can't I ptrace init (pid == 1) ?

Mike Coleman (mkc@mathdogs.com)
06 Aug 2001 17:05:25 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: H. Peter Anvin: "Re: getty problems"
Previous message: Stephen M. Williams: "Is the mailing list going out?"

miquels@cistron-office.nl (Miquel van Smoorenburg) writes:
> The reason right now is I think that ptrace mucks around with sibling
> relations and since init is a special 'father of all processes' (or is that
> mother?) that would get the system into trouble real soon.

Yes. Ptrace does a sort of fakey reparenting of traced processes, which won't
work correctly with init, since it's its own parent.

Notice that init *is* currently allowed to do a PTRACE_TRACEME, which would
almost certainly cause the system to fail spectacularly. It's not really a
security problem, since init can do anything anyway, but it does annoy my
aesthetic sensibilities a bit. (The patch I sent to fix this wasn't
incorporated.)

-- 
Mike Coleman, mkc@mathdogs.com
http://www.mathdogs.com
problem solving, expert software development
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: H. Peter Anvin: "Re: getty problems"
Previous message: Stephen M. Williams: "Is the mailing list going out?"