On Wed, 2013-09-04 at 17:24 -0400, Vivek Goyal wrote:

Doesn't this:

> +             if (!ptraced_by_unsafe_tracer())
> +                     bprm->cred->proc_signed = true;
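
Review bot: the ptraced_by_unsafe_tracer() test and the proc_signed = true assignment are two separate steps, and nothing in these lines shows a lock held across them that would keep a tracer from attaching in between. Either do the check and the assignment under the lock that the attach path also takes, or re-run the check after proc_signed is set and clear the flag if a tracer has appeared.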

race with this if the attacker is able to run between the check and
proc_signed being set to true?

> +     if (mode != PTRACE_MODE_READ && child_cred->proc_signed &&
> +         !cred->proc_signed) {
> +             ret = -EPERM;
> +             goto out;
> +     }
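
Review bot: this test only runs when an attach is requested, so it reads child_cred->proc_signed at that instant and does nothing about a tracer that attached before the flag became true; the attach path needs to be serialized with the code that sets proc_signed. The mode != PTRACE_MODE_READ exemption also lets a tracer without proc_signed through for read-mode access to a proc_signed task, which deserves a comment explaining why that is acceptable.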


-- 
Matthew Garrett <[email protected]>