On Wed, 12 Sep 2007, Brent Casavant wrote: > On Wed, 12 Sep 2007, Al Viro wrote: > > > Give me a break. And learn about ptrace(2). This "unlinking" bullshit > > buys you zero additional security, both for /proc/*/mem and for /dev/mem > > (see mknod(2)). > > My (limited) understanding of ptrace is that a parent-child > relationship is needed between the tracing process and the traced > process (at least that's what I gather from the man page). This > does give cause for concern, and I might have to see what can be > done to alleviate this concern. I fully realize that making this > design completely unassilable is a fools errand, but closing off > as many attack vectors as possible seems prudent.
Hmm. The solution would appear to be as simple as making the target program set-user-id. As long as as the attacker isn't the superuser (or has CAP_SYS_PTRACE) we should be OK. Thanks for the heads-up, Brent -- Brent Casavant All music is folk music. I ain't [EMAIL PROTECTED] never heard a horse sing a song. Silicon Graphics, Inc. -- Louis Armstrong - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/