Re: 2.4+ptrace exploit fix breaks root's ability to strace

Lists (linux@lapd.cj.edu.ro)
Sun, 23 Mar 2003 12:31:39 +0200 (EET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Russell King: "Re: 2.4+ptrace exploit fix breaks root's ability to strace"
Previous message: Wichert Akkerman: "ipv6 ipsec tunnel mode produces broken packets"

This is a MIME-formatted message. If you see this text it means that your
E-mail software does not support MIME-formatted messages.

--=_courier-24501-1048415929-0001-2
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

On Sat, 22 Mar 2003, Alan Cox wrote:

> On Sat, 2003-03-22 at 10:31, Russell King wrote:
> > Are the authors of the ptrace patch aware that, in addition to closing the
> > hole, the "fix" also prevents a ptrace-capable task (eg, strace started by
> > root) from ptracing user threads?
>
> Its an unintended side effect, nobody has sent a patch to fix it yet.

Hi,

mlafon send a patch to the list:
--------------------------------------------------------------------
Date: Wed, 19 Mar 2003 12:28:02 +0100
From: mlafon@arkoon.net
To: linux-kernel@vger.kernel.org
Subject: Re: Ptrace hole / Linux 2.2.25

The patch breaks /proc/<pid>/cmdline and /proc/<pid>/environ for 'non
dumpable'
processes, even for root.

We need to access theses proc files for processes monitoring.

Included is a patch to restore this functionnality for root.

Any comments ?
(See attached file: cmdline_environ_fix.diff)
--------------------------------------------------------------------

Nobody responded to his e-mail. I attach the patch again. I will test
the patch tomorow.

Cosmin
--=_courier-24501-1048415929-0001-2
Content-Type: text/plain; charset=us-ascii; name="cmdline_environ_fix.diff"
Content-Transfer-Encoding: base64
Content-ID: <Pine.LNX.4.51L0.0303231231390.15290@lapd.cj.edu.ro>
Content-Description:
Content-Disposition: attachment; filename="cmdline_environ_fix.diff"

ZGlmZiAtdSAtcjEuMy4yNC4xIHB0cmFjZS5jDQotLS0gbGludXgtMi40L2tl
cm5lbC9wdHJhY2UuYwkyMDAzLzAzLzE5IDEwOjUwOjU3CTEuMy4yNC4xDQor
KysgbGludXgtMi40L2tlcm5lbC9wdHJhY2UuYwkyMDAzLzAzLzE5IDEwOjU0
OjQ1DQpAQCAtMTQwLDcgKzE0MCw3IEBADQogCS8qIFdvcnJ5IGFib3V0IHJh
Y2VzIHdpdGggZXhpdCgpICovDQogCXRhc2tfbG9jayh0c2spOw0KIAltbSA9
IHRzay0+bW07DQotCWlmICghaXNfZHVtcGFibGUodHNrKSB8fCAoJmluaXRf
bW0gPT0gbW0pKQ0KKwlpZiAoKCFpc19kdW1wYWJsZSh0c2spIHx8ICgmaW5p
dF9tbSA9PSBtbSkpICYmIChjdXJyZW50LT51aWQgIT0gMCkpDQogCQltbSA9
IE5VTEw7DQogCWlmIChtbSkNCiAJCWF0b21pY19pbmMoJm1tLT5tbV91c2Vy
cyk7DQo=

--=_courier-24501-1048415929-0001-2--

Next message: Russell King: "Re: 2.4+ptrace exploit fix breaks root's ability to strace"
Previous message: Wichert Akkerman: "ipv6 ipsec tunnel mode produces broken packets"