linux-kernel.vger.kernel.org archive mirror
* URGENT: Bug in ptrace()
From: mazzaro @ 2001-07-24 14:53 UTC
  To: linux-kernel; +Cc: alan.cox

Hi all,
 
The exploit found on http://www.securiteam.com/exploits/5NP061P4AW.html
 
still works on the latest 2.2, that's to say (I think), 2.2.19
 
How can it be?
 
There are still a lot of machines on the net which use that ker.
 
Thank you for your attention...
 
P.S.
The exploit works even on the latest kernel (of the 2.2 series, of course), found on
ftp://updates.redhat.com/6.2/en/
 
P.P.S.
I'm trying to follow the ML, but the traffic is too high for me...:-(
So, if you can... could you answer to my address?
 
Thank you,
 
Silvio Mazzaro



* Re: URGENT: Bug in ptrace()
From: Luca Venturini @ 2001-07-24 19:15 UTC
  To: linux-kernel; +Cc: mazzaro, alan.cox

Hi all,

I patched it for kernel 2.2.12 and 2.2.19:

just replace

                if ((!child->dumpable ||
                    (current->uid != child->euid) ||
                    (current->uid != child->suid) ||
                    (current->uid != child->uid) ||
                    (current->gid != child->egid) ||
                    (current->gid != child->sgid) ||

with

                if ((!child->dumpable ||
                    (child->suid == 0) ||
                    (current->uid != child->euid) ||
                    (current->uid != child->suid) ||
                    (current->uid != child->uid) ||
                    (current->gid != child->egid) ||
                    (current->gid != child->sgid) ||

in /usr/src/linux/arch/i386/kernel/ptrace.c
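
Review bot: The added `(child->suid == 0)` clause in the replacement condition can only change the result when the tracer itself has uid 0: for any other caller, a child with saved uid 0 already makes `(current->uid != child->suid)` true two lines further down, so the chain was already true before this edit. Please state which case the new clause is meant to catch, and show the rest of the expression after the trailing `||`, since as quoted the clause refuses a uid 0 tracer for every task whose saved uid is 0 unless whatever follows overrides it. The description says no setuid task can be attached to, but the clause tests only for a saved uid of exactly 0, so the wording or the test should be brought in line. The edit is given for arch/i386/kernel/ptrace.c only; say whether the other architectures need the same change.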

This way nobody can "ATTACH" with ptrace to a setuid task.

I do not know if this can be useful. Maybe the gurus in
the list can say something about it.

Is it even useful for new kernels?

Thanks.

Luca Venturini
Yepa S.r.l.

"mazzaro@inwind.it" wrote:
> 
> Hi all,
> 
> The exploit found on http://www.securiteam.com/exploits/5NP061P4AW.html
> 
> still works on the latest 2.2, that's to say (I think), 2.2.19
> 
> How can it be?
> 
> There are still a lot of machines on the net which use that ker.
> 
> Thank you for your attention...
> 
> P.S.
> The exploit works even on the latest kernel (of the 2.2 series, of course), found on
> ftp://updates.redhat.com/6.2/en/
> 
> P.P.S.
> I'm trying to follow the ML, but the traffic is too high for me...:-(
> So, if you can... could you answer to my address?
> 
> Thank you,
> 
> Silvio Mazzaro
