Bug#4523: strace and I/O errors
You (Ian Jackson) wrote:
> Please do not apply Frank Neumann's patch.
Hmm, I must have missed something here.
> This will break strace on systems where mmap on /proc/<pid>/mem is
> prohibited except to root. (This restriction is part of a security
> measure which should be supported, given the history of horrible
> security holes with /proc.)
This was only the case in a few 2.0.x releases. Later versions have this
fixed; mmap on /proc/pid/mem is allowed if you are ptrace'ing the process
(since the PTRACE_ATTACH already did the nessecary persission checks)
so strace works again.
I don't know what the Debian-1.1.8 kernel does (2.0.6 right?) I think
we should have a 2.0.21 kernel for Debian-1.1.9 (boot floppy and kernel
package).
This fixed a hole that has been in Linux up to 2.0.1 or so (including
1.2.13, 1.0.9 etc) where _anyone_ can become root with a simple exploit
program. When 2.0.x becomes stable, perhaps I'll post the exploit program
so that everyone _has_ to upgrade..
Mike.
--
Miquel van | Cistron Internet Services -- Alphen aan den Rijn.
Smoorenburg, | mailto:info@cistron.nl http://www.cistron.nl/
miquels@cistron.nl | The truth is out there. 42.
Reply to: