> Yes, that is exactly why i wouldn't deploy it in
> any mission critical environment.
--- linux-2.2.19/fs/exec.c Mon Mar 26 07:13:23 2001
+++ linux/fs/exec.c Tue Oct 9 05:00:50 2001
@@ -552,12 +645,11 @@
}
/*
- * We mustn't allow tracing of suid binaries, unless
- * the tracer has the capability to trace anything..
+ * We mustn't allow tracing of suid binaries, no matter what.
+ *** There's nothing wrong with allowing root to ptrace
+ *** a setuid-binary. Allowing a process to elevate it's
+ *** privileges while continuing to ptrace another, OTOH,
+ *** isn't really a bright idea. --rw
*/
static inline int must_not_trace_exec(struct task_struct * p)
{
- return (p->flags & PF_PTRACED) && !cap_raised(p->p_pptr->cap_effective, CAP_SYS_PTRACE);
+ return (p->flags & PF_PTRACED);
}
/*
But I suppose that your mission is that critical that you
cannot be bothered with following bugtraq. That 'someone'
stumbled over */../*/../* & friends again isn't really news
either.
Luckily, this would only DoS a Linux-based system and
even the BSD libc, which had contained internal overflows
leading to possible root compromises this way since ten
years ago (whatever), has been fixed 'somewhen' around the
first quarter of 2001.
> If i don't like it i don't have to use it. That's exactly
> my point. I won't be using it.
WTF cares?
> FreeBSD and Solaris don't have wacky political
> agendas attached.
[^] # Les différences
Posté par Gilles Cuesta . En réponse à la dépêche DMCA, quand tu nous tiens. Évalué à 5.
> any mission critical environment.
--- linux-2.2.19/fs/exec.c Mon Mar 26 07:13:23 2001
+++ linux/fs/exec.c Tue Oct 9 05:00:50 2001
@@ -552,12 +645,11 @@
}
/*
- * We mustn't allow tracing of suid binaries, unless
- * the tracer has the capability to trace anything..
+ * We mustn't allow tracing of suid binaries, no matter what.
+ *** There's nothing wrong with allowing root to ptrace
+ *** a setuid-binary. Allowing a process to elevate it's
+ *** privileges while continuing to ptrace another, OTOH,
+ *** isn't really a bright idea. --rw
*/
static inline int must_not_trace_exec(struct task_struct * p)
{
- return (p->flags & PF_PTRACED) && !cap_raised(p->p_pptr->cap_effective, CAP_SYS_PTRACE);
+ return (p->flags & PF_PTRACED);
}
/*
But I suppose that your mission is that critical that you
cannot be bothered with following bugtraq. That 'someone'
stumbled over */../*/../* & friends again isn't really news
either.
Luckily, this would only DoS a Linux-based system and
even the BSD libc, which had contained internal overflows
leading to possible root compromises this way since ten
years ago (whatever), has been fixed 'somewhen' around the
first quarter of 2001.
> If i don't like it i don't have to use it. That's exactly
> my point. I won't be using it.
WTF cares?
> FreeBSD and Solaris don't have wacky political
> agendas attached.
Except yours, of course.