| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 12 Sep 2007 18:48:52 -0500 (CDT) From: Brent Casavant <bcasavan@....com> To: Al Viro <viro@....linux.org.uk> cc: linux-kernel@...r.kernel.org Subject: Re: O_NOLINK for open() On Wed, 12 Sep 2007, Brent Casavant wrote: > On Wed, 12 Sep 2007, Al Viro wrote: > > > Give me a break. And learn about ptrace(2). This "unlinking" bullshit > > buys you zero additional security, both for /proc/*/mem and for /dev/mem > > (see mknod(2)). > > My (limited) understanding of ptrace is that a parent-child > relationship is needed between the tracing process and the traced > process (at least that's what I gather from the man page). This > does give cause for concern, and I might have to see what can be > done to alleviate this concern. I fully realize that making this > design completely unassilable is a fools errand, but closing off > as many attack vectors as possible seems prudent. Hmm. The solution would appear to be as simple as making the target program set-user-id. As long as as the attacker isn't the superuser (or has CAP_SYS_PTRACE) we should be OK. Thanks for the heads-up, Brent -- Brent Casavant All music is folk music. I ain't bcasavan@....com never heard a horse sing a song. Silicon Graphics, Inc. -- Louis Armstrong - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists