As a debugger developer, I find it quite handy when debugging
a real process to use the PTRACE_GET_THREAD_AREA or
PTRACE_GET_ARCH_PRCTL calls to dig up pthread IDs without
having to know too much about the internals of the pthread
library. (It would be even handier if the info was more
consistent
No, not a new security hole (exactly), more of a philosophy
question:
If I exec a setuid program under ptrace, I can read the image via
PEEKDATA requests. Could (or should) that be considered a security
hole? Come to think of it, should any executable with no read
access (setuid or not) be
Andreas Schwab wrote:
> Tom Horsley [EMAIL PROTECTED] writes:
> > If I exec a setuid program under ptrace, I can read the image via
> > PEEKDATA requests.
> Only CAP_SYS_PTRACE capable processes get suid/sgid semantics under
> ptrace, or can attach to a privileged process.
> Andreas.
I realize
I noticed some previous messages with this subject, but the
walkback I'm getting doesn't match exactly the ones shown
in the threads I saw, so I figured I'd send this in.
This happens on both my Fedora 18 and Fedora 17 partitions
when mounting filesystems from very old servers that
need the
On Fri, 15 Feb 2013 14:22:29 -0500
J. Bruce Fields wrote:
> Any more reports positive or negative welcome.
Well, I don't have the time or energy to try patches on my
system at work, but these seem to be concerned with terminating
an NFS connection. My aborts all happen at boot when it
is trying
I submitted this fedora bugzilla recently:
https://bugzilla.redhat.com/show_bug.cgi?id=1352325
Among other things, it shows a Windows 10 KVM virtual machine
causing strange side effects back on the fedora 24 host, which
sure seems like the sort of thing that might be a security issue.
After
Every once in a while google-chrome goes into a 100% cpu loop.
I got curious and examined the thread that was running at 100%
and strace says this over and over again till I interrupt it:
gettid()= 1
gettid()= 1
gettid()
The official lkml FAQ links all point to www.tux.org.
There is no DNS entry for any server I've queried for
www.tux.org.
This makes it kind of difficult to read the FAQ.
One example:
tomh> nslookup www.tux.org 8.8.8.8
Server: 8.8.8.8
Address:8.8.8.8#53
** server can't find
at.com/show_bug.cgi?id=1528633
> >
> > Reported-by: Tom Horsley <horsley1...@gmail.com>
>
> Seems right, any chance we could get a tested-by: Tom? (Did we already
> get that?)
I didn't test it myself, but all I'd do is run the test program
I've attached to the bu
On my fedora 26 box with a 4.13 kernel, when a process
under ptrace control did an exec of a setuid program,
the program lost all of its setuid privileges and
ptrace could operate on it like a normal program.
Experimental evidence seems to indicate that on
fedora 27 with a 4.14 kernel, ptrace
On Wed, 3 Jan 2018 09:21:16 -0800
Kees Cook wrote:
> The more interesting thing here is that secureexec is set for a
> process that ISN'T actually setuid. (ptrace of a setuid process). I
> think that's the real bug, but not something I'm going to be able to
> fix quickly. So, for now, I want to
On Fri, 22 Dec 2017 12:28:25 -0800
Laura Abbott wrote:
> Assuming this is https://bugzilla.redhat.com/show_bug.cgi?id=1528633
> This is yet another victim of
>
> commit e37fdb785a5f95ecadf43b773c97f676500ac7b8 (refs/bisect/bad)
> Author: Kees Cook
> Date: Tue Jul 18 15:25:31 2017 -0700
>
>
at.com/show_bug.cgi?id=1528633
> >
> > Reported-by: Tom Horsley
>
> Seems right, any chance we could get a tested-by: Tom? (Did we already
> get that?)
I didn't test it myself, but all I'd do is run the test program
I've attached to the bugzilla above which is trivial com