Re: kernel ptrace bug

To: Martynas Domarkas <md@hansa.lt>, debian-security@lists.debian.org
Subject: Re: kernel ptrace bug
From: xbud <xbud@g0thead.com>
Date: Wed, 19 Mar 2003 16:29:38 -0600
Message-id: <[🔎] 200303191629.38178.xbud@g0thead.com>
In-reply-to: <[🔎] 1048087085.2192.56.camel@otpaba>
References: <[🔎] 1048087085.2192.56.camel@otpaba>

On Wednesday 19 March 2003 09:18, Martynas Domarkas wrote:
> Grsecurity patch can limit ordinary user use ptrace. Can it help avoid
> ptrace exploit?
>
>
> Martynas

yes for the most part limiting access to /proc/self/exe breaks the exploit.

http://www.hardrock.org/kernel/2.4.20/linux-2.4.20-ptrace.patch

The patch seems to remove all access to ptrace calls even for root though, I 
don't see how this _fixes_ anything other than breaking the exploit.

didn't look into that much so correct me if I'm wrong.

-- 
------------------------------
Orlando Padilla
http://www.g0thead.com/xbud.asc
------------------------------

Reply to:

References:
- kernel ptrace bug
  - From: Martynas Domarkas <md@hansa.lt>

Prev by Date: Re: is iptables enough?
Next by Date: Ptrace patch for 2.4.x BREAKS kill() 2 interesting effects for .pid and dot locking? (was Re: Ptrace hole / Linux 2.2.25)
Previous by thread: Re: kernel ptrace bug
Next by thread: Fwd: [ADVISORY] Timing Attack on OpenSSL
Index(es):
- Date
- Thread