ptrace patch side-effects on 2.4.x

Jakub Bogusz (qboosh@pld.org.pl)
Mon, 7 Apr 2003 14:09:37 +0200


Hello,

I've noticed a few side-effects of using ptrace patch on Linux 2.4.x
(2.4.18 and 2.4.20 tested, with patch from
http://www.hardrock.org/kernel/2.4.20/linux-2.4.20-ptrace.patch; ptrace
changes in 2.4.21-pre6 look the same, so I expect the same side-effects
in 2.4.21-pre6).

Most of these problems already were mentioned here, but I couldn't find
proper ptrace patch or any set of fixes which could resolve all problems.
Is there any now?

Summarizing: for some processes (like apache, postfix... generally those
which were started with uid=0 and dropped some privileges on startup?):

- /proc/PID/cmdline and /proc/PID/environ are empty (ps displays those
processes in [] brackets, like swapped out); I saw a patch on
LKML, but it enabled this data only for root; previous behaviour
was to allow reading cmdline for all users (blocking it can break some
monitoring systems)

- *trace commands (using ptrace syscall) on such processes don't work
from root account - e.g. strace on httpd shows only:
trace: ptrace(PTRACE_SYSCALL, ...): Operation not permitted
and leaves stopped process (kill -CONT must be used to start it again)

PS. please Cc comments to me. Thanks.

-- 
Jakub Bogusz    http://cyber.cs.net.pl/~qboosh/
PLD Linux       http://www.pld.org.pl/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/