Re: ptrace vulnerability?

To: debian-security@lists.debian.org
Subject: Re: ptrace vulnerability?
From: Dariush Pietrzak <eyck@forumakad.pl>
Date: Wed, 19 Mar 2003 09:35:31 +0100
Message-id: <[🔎] 20030319083531.GB30683@forumakad.pl>
Mail-followup-to: debian-security@lists.debian.org
In-reply-to: <[🔎] 1048021897.15437.43.camel@shuttle>
References: <[🔎] Pine.LNX.4.44.0303181200130.2245-100000@capitanata.ca.astro.it> <[🔎] 19579954.1048002040@dhcp-55.snre.umich.edu> <[🔎] 1048021897.15437.43.camel@shuttle>

> > His announcement is Slashdotted, and I'm seeing no notice of which versions 
> > are affected!  I'm running 2.4.18 on all my Debian servers, please tell me 
> > what's going on.
same here...:(

Why most this patch does is change kernel_thread into arch_kernel_thread?

only usefull thing I see is addedd check for 'is_dumpable' in
ptrace_check_attach, and is_dumpable macro that checks tsk and also tsk->mm
for 'is_dumpable'. 

Is this ok?
-- 
Dariush Pietrzak,
Key fingerprint = 40D0 9FFB 9939 7320 8294  05E0 BCC7 02C4 75CC 50D9

Reply to:

References:
- ptrace vulnerability?
  - From: Giacomo Mulas <gmulas@ca.astro.it>
- Re: ptrace vulnerability?
  - From: Jason Rashaad Jackson <jrashaad@umich.edu>
- Re: ptrace vulnerability?
  - From: Mark Janssen <maniac@maniac.nl>

Prev by Date: Re: ptrace vulnerability?
Next by Date: Re: Current OpenSSL vulnerability (CAN-2003-0147)
Previous by thread: Re: ptrace vulnerability?
Next by thread: Re: ptrace vulnerability?
Index(es):
- Date
- Thread