From: Ben Pfaff <blp@cs.stanford.edu>
To: linux-kernel@vger.kernel.org
Subject: Re: Ptrace hole / Linux 2.2.25
Date: 17 Mar 2003 10:39:31 -0800 [thread overview]
Message-ID: <87smtlbzx8.fsf@pfaff.Stanford.EDU> (raw)
In-Reply-To: <20030317161020$42ed@gated-at.bofh.it>
Alan Cox <alan@redhat.com> writes:
> A patch for Linux 2.4.20/Linux 2.4.21pre is attached. The patch also
> subtly changes the PR_SET_DUMPABLE prctl. We believe this is neccessary and
> that it will not affect any software. The functionality change is specific
> to unusual debugging situations.
I am concerned about this change because it will break sandboxing
software that I have written, which uses prctl() to turn
dumpability back on so that it can open a file, setuid(), and
then execve() through the open file via /proc/self/fd/#. Without
calling prctl(), the ownership of /proc/self/fd/* becomes root,
so the process cannot exec it after it drops privileges. It uses
prctl() in other places to get the same effect in /proc, but
that's one of the most critical.
--
<blp@cs.stanford.edu> <pfaffben@msu.edu> <pfaffben@debian.org> <blp@gnu.org>
Stanford Ph.D. Student - MSU Alumnus - Debian Maintainer - GNU Developer
www.benpfaff.org
next parent reply other threads:[~2003-03-17 18:28 UTC|newest]
Thread overview: 103+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20030317161020$42ed@gated-at.bofh.it>
2003-03-17 18:39 ` Ben Pfaff [this message]
2003-03-18 1:46 ` Ptrace hole / Linux 2.2.25 Alan Cox
2003-03-27 14:47 Dr. Greg Wettstein
-- strict thread matches above, loose matches on Subject: below --
2003-03-23 22:38 Martin J. Bligh
2003-03-23 22:53 ` Jeff Garzik
2003-03-23 23:06 ` Martin J. Bligh
2003-03-24 10:30 ` Stephan von Krawczynski
2003-03-24 10:43 ` Christoph Hellwig
2003-03-24 15:40 ` Martin J. Bligh
2003-03-24 16:55 ` Stephan von Krawczynski
[not found] <20030323194012$6886@gated-at.bofh.it>
[not found] ` <20030323194014$66c3@gated-at.bofh.it>
[not found] ` <20030323195010$5026@gated-at.bofh.it>
[not found] ` <20030323195012$6f30@gated-at.bofh.it>
[not found] ` <20030323200029$737b@gated-at.bofh.it>
[not found] ` <20030323202005$2a74@gated-at.bofh.it>
2003-03-23 20:33 ` Florian Weimer
2003-03-23 22:24 ` Alan Cox
2003-03-23 21:46 ` Florian Weimer
2003-03-23 23:05 ` Alan Cox
[not found] ` <20030323200023$1a65@gated-at.bofh.it>
[not found] ` <20030323202014$096a@gated-at.bofh.it>
2003-03-23 20:35 ` Florian Weimer
2003-03-23 20:59 ` Robert Love
2003-03-19 20:09 Matthew Grant
2003-03-19 21:34 ` Matthew Grant
2003-03-19 11:28 mlafon
2003-03-17 16:04 Alan Cox
2003-03-17 17:57 ` Arjan van de Ven
2003-03-17 18:20 ` Tomas Szepe
2003-03-17 18:23 ` James Bourne
2003-03-17 18:27 ` Jeff Garzik
2003-03-21 21:17 ` Pavel Machek
2003-03-23 10:00 ` Stephan von Krawczynski
2003-03-23 13:41 ` Jeff Garzik
2003-03-23 15:58 ` Petr Baudis
2003-03-23 19:25 ` Martin Mares
2003-03-23 19:30 ` Alan Cox
2003-03-23 19:34 ` Martin Mares
2003-03-23 19:38 ` Alan Cox
2003-03-23 19:44 ` Martin Mares
2003-03-23 19:47 ` Robert Love
2003-03-23 19:55 ` Henrik Persson
2003-03-23 20:13 ` Robert Love
2003-03-23 20:46 ` Henrik Persson
2003-03-23 19:56 ` Martin Mares
2003-03-23 20:08 ` Russell King
2003-03-23 22:26 ` Alan Cox
2003-03-23 20:10 ` Robert Love
2003-03-23 20:30 ` Martin J. Bligh
2003-03-23 20:36 ` Pavel Machek
2003-03-23 21:20 ` Martin Hermanowski
2003-03-23 21:35 ` James Bourne
2003-03-23 21:53 ` Martin J. Bligh
2003-03-23 22:21 ` Jeff Garzik
2003-03-23 22:29 ` James Bourne
2003-03-23 22:57 ` Martin J. Bligh
2003-03-24 0:15 ` James Bourne
2003-03-23 22:43 ` Felipe Alfaro Solana
2003-03-23 22:54 ` Martin J. Bligh
2003-03-23 23:19 ` Alan Cox
2003-03-23 23:34 ` Martin J. Bligh
2003-03-24 3:35 ` Andrea Arcangeli
2003-03-24 3:54 ` Andrea Arcangeli
2003-03-24 6:56 ` Christoph Hellwig
2003-03-24 12:17 ` Alan Cox
2003-03-23 23:34 ` Jeff Garzik
2003-03-23 23:45 ` Martin J. Bligh
2003-03-24 0:07 ` J.A. Magallon
2003-03-24 6:52 ` Christoph Hellwig
2003-03-24 0:09 ` Christian Axelsson
2003-03-24 20:05 ` aradorlinux
2003-03-23 20:38 ` Arjan van de Ven
2003-03-23 20:51 ` Martin J. Bligh
2003-03-24 0:51 ` Juan Quintela
2003-03-24 1:29 ` Brian Tinsley
2003-03-23 20:54 ` Robert Love
2003-03-23 22:13 ` Martin J. Bligh
2003-03-23 21:51 ` Jeff Garzik
2003-03-23 21:59 ` Martin J. Bligh
2003-03-23 22:14 ` Jeff Garzik
2003-03-23 22:46 ` Martin J. Bligh
2003-03-25 11:35 ` Henning P. Schmiedehausen
2003-03-25 11:36 ` Henning P. Schmiedehausen
2003-03-23 20:09 ` Tomas Szepe
2003-03-23 20:21 ` Robert Love
2003-03-23 20:49 ` Jeff Garzik
2003-03-23 22:22 ` Alan Cox
2003-03-23 21:56 ` Jeff Garzik
2003-03-23 21:59 ` Arjan van de Ven
2003-03-24 15:33 ` jlnance
2003-03-23 19:53 ` Jörn Engel
2003-03-24 0:08 ` Sven Schuster
2003-03-24 0:20 ` James Bourne
2003-03-24 0:37 ` Sven Schuster
2003-03-24 0:50 ` James Bourne
2003-03-24 0:39 ` Jörn Engel
2003-03-24 2:54 ` H. Peter Anvin
2003-03-24 2:57 ` James Bourne
2003-03-24 2:59 ` H. Peter Anvin
2003-03-24 14:42 ` Dave Jones
2003-03-27 7:47 ` Pavel Machek
2003-03-26 20:30 ` Dave Jones
2003-03-26 20:41 ` H. Peter Anvin
2003-03-26 21:02 ` Jörn Engel
2003-03-27 5:20 ` James Bourne
2003-03-23 19:41 ` Tomas Szepe
2003-03-17 19:34 ` Alan Cox
2003-03-17 18:27 ` Tomas Szepe
2003-03-17 19:23 ` Neale Banks
2003-03-18 18:44 ` James Bourne
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87smtlbzx8.fsf@pfaff.Stanford.EDU \
--to=blp@cs.stanford.edu \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).