All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] yama: clarify ptrace_scope=2 in Yama documentation
@ 2018-10-02 20:47 Yves-Alexis Perez
  2018-10-02 20:52 ` Kees Cook
  2018-10-02 20:52 ` Matthew Wilcox
  0 siblings, 2 replies; 7+ messages in thread
From: Yves-Alexis Perez @ 2018-10-02 20:47 UTC (permalink / raw)
  To: Kees Cook, Jonathan Corbet, linux-doc, linux-kernel; +Cc: trivial

Current phrasing is ambiguous since it's unclear if attaching to a
children through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the
sentence to make that clear.

Signed-off-by: Yves-Alexis Perez <corsac@corsac.net>
---
 Documentation/admin-guide/LSM/Yama.rst | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Documentation/admin-guide/LSM/Yama.rst b/Documentation/admin-guide/LSM/Yama.rst
index 13468ea696b7..d0a060de3973 100644
--- a/Documentation/admin-guide/LSM/Yama.rst
+++ b/Documentation/admin-guide/LSM/Yama.rst
@@ -64,8 +64,8 @@ The sysctl settings (writable only with ``CAP_SYS_PTRACE``) are:
     Using ``PTRACE_TRACEME`` is unchanged.
 
 2 - admin-only attach:
-    only processes with ``CAP_SYS_PTRACE`` may use ptrace
-    with ``PTRACE_ATTACH``, or through children calling ``PTRACE_TRACEME``.
+    only processes with ``CAP_SYS_PTRACE`` may use ptrace, either with
+    ``PTRACE_ATTACH`` or through children calling ``PTRACE_TRACEME``.
 
 3 - no attach:
     no processes may use ptrace with ``PTRACE_ATTACH`` nor via
-- 
2.19.0


-- 
Yves-Alexis

^ permalink raw reply related	[flat|nested] 7+ messages in thread
* Re: [PATCH] yama: clarify ptrace_scope=2 in Yama documentation
  2018-10-02 20:47 [PATCH] yama: clarify ptrace_scope=2 in Yama documentation Yves-Alexis Perez
@ 2018-10-02 20:52 ` Kees Cook
  2018-10-07 14:37   ` Jonathan Corbet
  2018-10-02 20:52 ` Matthew Wilcox
  1 sibling, 1 reply; 7+ messages in thread
From: Kees Cook @ 2018-10-02 20:52 UTC (permalink / raw)
  To: Yves-Alexis Perez; +Cc: Jonathan Corbet, open list:DOCUMENTATION, LKML, trivial

On Tue, Oct 2, 2018 at 1:47 PM, Yves-Alexis Perez <corsac@corsac.net> wrote:
> Current phrasing is ambiguous since it's unclear if attaching to a
> children through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the
> sentence to make that clear.
>
> Signed-off-by: Yves-Alexis Perez <corsac@corsac.net>

Thanks! Yes, this makes things more clear.

Acked-by: Kees Cook <keescook@chromium.org>

Jon, can you take this in your tree?

-Kees

> ---
>  Documentation/admin-guide/LSM/Yama.rst | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/Documentation/admin-guide/LSM/Yama.rst b/Documentation/admin-guide/LSM/Yama.rst
> index 13468ea696b7..d0a060de3973 100644
> --- a/Documentation/admin-guide/LSM/Yama.rst
> +++ b/Documentation/admin-guide/LSM/Yama.rst
> @@ -64,8 +64,8 @@ The sysctl settings (writable only with ``CAP_SYS_PTRACE``) are:
>      Using ``PTRACE_TRACEME`` is unchanged.
>
>  2 - admin-only attach:
> -    only processes with ``CAP_SYS_PTRACE`` may use ptrace
> -    with ``PTRACE_ATTACH``, or through children calling ``PTRACE_TRACEME``.
> +    only processes with ``CAP_SYS_PTRACE`` may use ptrace, either with
> +    ``PTRACE_ATTACH`` or through children calling ``PTRACE_TRACEME``.
>
>  3 - no attach:
>      no processes may use ptrace with ``PTRACE_ATTACH`` nor via
> --
> 2.19.0
>
>
> --
> Yves-Alexis



-- 
Kees Cook
Pixel Security

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] yama: clarify ptrace_scope=2 in Yama documentation
  2018-10-02 20:47 [PATCH] yama: clarify ptrace_scope=2 in Yama documentation Yves-Alexis Perez
  2018-10-02 20:52 ` Kees Cook
@ 2018-10-02 20:52 ` Matthew Wilcox
  2018-10-02 21:07   ` Kees Cook
  2018-10-02 21:08   ` Yves-Alexis Perez
  1 sibling, 2 replies; 7+ messages in thread
From: Matthew Wilcox @ 2018-10-02 20:52 UTC (permalink / raw)
  To: Yves-Alexis Perez
  Cc: Kees Cook, Jonathan Corbet, linux-doc, linux-kernel, trivial

On Tue, Oct 02, 2018 at 10:47:23PM +0200, Yves-Alexis Perez wrote:
> Current phrasing is ambiguous since it's unclear if attaching to a
> children through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the
> sentence to make that clear.

I disagree that your sentence makes that clear.  How about:

>  2 - admin-only attach:
> -    only processes with ``CAP_SYS_PTRACE`` may use ptrace
> -    with ``PTRACE_ATTACH``, or through children calling ``PTRACE_TRACEME``.
> +    only processes with ``CAP_SYS_PTRACE`` may use ptrace, either with
> +    ``PTRACE_ATTACH`` or through children calling ``PTRACE_TRACEME``.

+    only processes with ``CAP_SYS_PTRACE`` may use ptrace.  This
+    restricts both ``PTRACE_ATTACH`` and ``PTRACE_TRACEME``.


^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] yama: clarify ptrace_scope=2 in Yama documentation
  2018-10-02 20:52 ` Matthew Wilcox
@ 2018-10-02 21:07   ` Kees Cook
  2018-10-02 21:08   ` Yves-Alexis Perez
  1 sibling, 0 replies; 7+ messages in thread
From: Kees Cook @ 2018-10-02 21:07 UTC (permalink / raw)
  To: Matthew Wilcox
  Cc: Yves-Alexis Perez, Jonathan Corbet, open list:DOCUMENTATION,
	LKML, trivial

On Tue, Oct 2, 2018 at 1:52 PM, Matthew Wilcox <willy@infradead.org> wrote:
> On Tue, Oct 02, 2018 at 10:47:23PM +0200, Yves-Alexis Perez wrote:
>> Current phrasing is ambiguous since it's unclear if attaching to a
>> children through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the
>> sentence to make that clear.
>
> I disagree that your sentence makes that clear.  How about:
>
>>  2 - admin-only attach:
>> -    only processes with ``CAP_SYS_PTRACE`` may use ptrace
>> -    with ``PTRACE_ATTACH``, or through children calling ``PTRACE_TRACEME``.
>> +    only processes with ``CAP_SYS_PTRACE`` may use ptrace, either with
>> +    ``PTRACE_ATTACH`` or through children calling ``PTRACE_TRACEME``.
>
> +    only processes with ``CAP_SYS_PTRACE`` may use ptrace.  This
> +    restricts both ``PTRACE_ATTACH`` and ``PTRACE_TRACEME``.

PTRACE_TRACEME is done by the child, not the process with
CAP_SYS_PTRACE, so I still think the Yves-Alexis's is clearer. But if
other agree, I'm fine with it. :)

-Kees

-- 
Kees Cook
Pixel Security

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] yama: clarify ptrace_scope=2 in Yama documentation
  2018-10-02 20:52 ` Matthew Wilcox
  2018-10-02 21:07   ` Kees Cook
@ 2018-10-02 21:08   ` Yves-Alexis Perez
  2018-10-07  8:54     ` Yves-Alexis Perez
  1 sibling, 1 reply; 7+ messages in thread
From: Yves-Alexis Perez @ 2018-10-02 21:08 UTC (permalink / raw)
  To: Matthew Wilcox
  Cc: Kees Cook, Jonathan Corbet, linux-doc, linux-kernel, trivial

On Tue, 2018-10-02 at 13:52 -0700, Matthew Wilcox wrote:
> On Tue, Oct 02, 2018 at 10:47:23PM +0200, Yves-Alexis Perez wrote:
> > Current phrasing is ambiguous since it's unclear if attaching to a
> > children through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the
> > sentence to make that clear.
> 
> I disagree that your sentence makes that clear.  How about:
> 
> >  2 - admin-only attach:
> > -    only processes with ``CAP_SYS_PTRACE`` may use ptrace
> > -    with ``PTRACE_ATTACH``, or through children calling
> > ``PTRACE_TRACEME``.
> > +    only processes with ``CAP_SYS_PTRACE`` may use ptrace, either with
> > +    ``PTRACE_ATTACH`` or through children calling ``PTRACE_TRACEME``.
> 
> +    only processes with ``CAP_SYS_PTRACE`` may use ptrace.  This
> +    restricts both ``PTRACE_ATTACH`` and ``PTRACE_TRACEME``.

Hi Matthew,

I'm no native speaker, both versions are fine by me but I liked keeping the
“children calling” part since the semantics are quite different for
PTRACE_ATTACH and PTRACE_TRACEME.

Regards,
-- 
Yves-Alexis

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] yama: clarify ptrace_scope=2 in Yama documentation
  2018-10-02 21:08   ` Yves-Alexis Perez
@ 2018-10-07  8:54     ` Yves-Alexis Perez
  0 siblings, 0 replies; 7+ messages in thread
From: Yves-Alexis Perez @ 2018-10-07  8:54 UTC (permalink / raw)
  To: Matthew Wilcox, Kees Cook
  Cc: Jonathan Corbet, linux-doc, linux-kernel, trivial

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On Tue, 2018-10-02 at 23:08 +0200, Yves-Alexis Perez wrote:
> On Tue, 2018-10-02 at 13:52 -0700, Matthew Wilcox wrote:
> > On Tue, Oct 02, 2018 at 10:47:23PM +0200, Yves-Alexis Perez wrote:
> > > Current phrasing is ambiguous since it's unclear if attaching to a
> > > children through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the
> > > sentence to make that clear.
> > 
> > I disagree that your sentence makes that clear.  How about:
> > 
> > >  2 - admin-only attach:
> > > -    only processes with ``CAP_SYS_PTRACE`` may use ptrace
> > > -    with ``PTRACE_ATTACH``, or through children calling
> > > ``PTRACE_TRACEME``.
> > > +    only processes with ``CAP_SYS_PTRACE`` may use ptrace, either with
> > > +    ``PTRACE_ATTACH`` or through children calling ``PTRACE_TRACEME``.
> > 
> > +    only processes with ``CAP_SYS_PTRACE`` may use ptrace.  This
> > +    restricts both ``PTRACE_ATTACH`` and ``PTRACE_TRACEME``.
> 
> Hi Matthew,
> 
> I'm no native speaker, both versions are fine by me but I liked keeping the
> “children calling” part since the semantics are quite different for
> PTRACE_ATTACH and PTRACE_TRACEME.
> 
Hi Kees, Matthew,

so what's the status on this? Who needs to acknowledge one wording or another?

Regards,
- -- 
Yves-Alexis
-----BEGIN PGP SIGNATURE-----

iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlu5ydIACgkQ3rYcyPpX
RFt7oAgAued/FsFiGvk6U/RG3JEj5p5aRu6harAXqK/Mw8n1gEu0nGvZvFJn31eY
fcU8quTtbmiNR2oYrAxjri2dhVd2JLsKDZU1bhpcKk33jDOzhUjeKnJgLGY38Z01
5idfKSy0CEZ0FvYvpt7gOm3loFlbM0au9JgFszVwFM8Yartr5vH1mPlZUwGbrroH
RORqAkwVI+g8iK1vqq9fdCf9J5mwcYu0DR8STvP8Nx12zEDNeiCShvXDNNt5VKg3
BHVNPHvE8uKaZmlyYt1oy9ZKjjcHn6veVkKEKFRz/TVc+q/Z7G1cORzVb7GzIPGj
9GoIZP2+Wi+7KUqUYQnHZSfujd5BzQ==
=jfBM
-----END PGP SIGNATURE-----

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH] yama: clarify ptrace_scope=2 in Yama documentation
  2018-10-02 20:52 ` Kees Cook
@ 2018-10-07 14:37   ` Jonathan Corbet
  0 siblings, 0 replies; 7+ messages in thread
From: Jonathan Corbet @ 2018-10-07 14:37 UTC (permalink / raw)
  To: Kees Cook; +Cc: Yves-Alexis Perez, open list:DOCUMENTATION, LKML, trivial

On Tue, 2 Oct 2018 13:52:32 -0700
Kees Cook <keescook@chromium.org> wrote:

> On Tue, Oct 2, 2018 at 1:47 PM, Yves-Alexis Perez <corsac@corsac.net> wrote:
> > Current phrasing is ambiguous since it's unclear if attaching to a
> > children through PTRACE_TRACEME requires CAP_SYS_PTRACE. Rephrase the
> > sentence to make that clear.
> >
> > Signed-off-by: Yves-Alexis Perez <corsac@corsac.net>  
> 
> Thanks! Yes, this makes things more clear.
> 
> Acked-by: Kees Cook <keescook@chromium.org>
> 
> Jon, can you take this in your tree?

Applied, thanks.

jon

^ permalink raw reply	[flat|nested] 7+ messages in thread
end of thread, other threads:[~2018-10-07 14:37 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-10-02 20:47 [PATCH] yama: clarify ptrace_scope=2 in Yama documentation Yves-Alexis Perez
2018-10-02 20:52 ` Kees Cook
2018-10-07 14:37   ` Jonathan Corbet
2018-10-02 20:52 ` Matthew Wilcox
2018-10-02 21:07   ` Kees Cook
2018-10-02 21:08   ` Yves-Alexis Perez
2018-10-07  8:54     ` Yves-Alexis Perez

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.