
Bug#4523: strace and I/O errors



You (Ian Jackson) wrote:
> Please do not apply Frank Neumann's patch.

Hmm, I must have missed something here.

> This will break strace on systems where mmap on /proc/<pid>/mem is
> prohibited except to root.  (This restriction is part of a security
> measure which should be supported, given the history of horrible
> security holes with /proc.)

This was only the case in a few 2.0.x releases. Later versions have this
fixed; mmap on /proc/pid/mem is allowed if you are ptrace'ing the process
(since the PTRACE_ATTACH already did the necessary permission checks)
so strace works again.

I don't know what the Debian-1.1.8 kernel does (2.0.6 right?) I think
we should have a 2.0.21 kernel for Debian-1.1.9 (boot floppy and kernel
package).

This fixed a hole that has been in Linux up to 2.0.1 or so (including
1.2.13, 1.0.9 etc) where _anyone_ can become root with a simple exploit
program. When 2.0.x becomes stable, perhaps I'll post the exploit program
so that everyone _has_ to upgrade..

Mike.
-- 
   Miquel van      | Cistron Internet Services   --    Alphen aan den Rijn.
   Smoorenburg,    | mailto:info@cistron.nl          http://www.cistron.nl/
miquels@cistron.nl |           The truth is out there. 42.


