Re: How to fix the ptrace flaw without rebooting

Erik Hensema (erik@hensema.net)
Thu, 3 Apr 2003 12:30:05 +0000 (UTC)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Sven Luther: "Re: [Linux-fbdev-devel] [PATCH]: EDID parser"
Previous message: chas williams: "Re: 2.5.66-mm3: drivers/atm/iphase.c doesn't compile"
Maybe in reply to: Chuck Ebbert: "How to fix the ptrace flaw without rebooting"
Next in thread: Chuck Ebbert: "Re: How to fix the ptrace flaw without rebooting"

Chuck Ebbert (76306.1226@compuserve.com) wrote:
> Author: Chuck Ebbert
> Adapted from: Phrack Inc., Volume 0x0b, Issue 0x3a, Phile #0x07
> Directions: Run this program as root on an x86 machine.
> It will disable the ptrace system call, thus
> fixing the Linux 'ptrace flaw'. (It will also
> break strace, debugging tools and User Mode Linux.)
> WARNING: Your computer may crash or do other strange things
> if you run this program as root. No warranty.

If you can't reboot to apply a security fix, you've got a serious problem.

A better fix in a running system is to simply disable dynamic module
loading: echo /no/such/file > /proc/sys/kernel/modprobe
At the very least you can be sure your machine won't crash this way ;-)

-- 
Erik Hensema <erik@hensema.net>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Next message: Sven Luther: "Re: [Linux-fbdev-devel] [PATCH]: EDID parser"
Previous message: chas williams: "Re: 2.5.66-mm3: drivers/atm/iphase.c doesn't compile"
Maybe in reply to: Chuck Ebbert: "How to fix the ptrace flaw without rebooting"
Next in thread: Chuck Ebbert: "Re: How to fix the ptrace flaw without rebooting"