diff options
author | Chris Wright <chrisw@sous-sol.org> | 2006-03-25 06:07:41 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-03-25 11:22:56 -0500 |
commit | d4eb82c783992551c574580eb55fddc8bb006ad0 (patch) | |
tree | 912aa24f162342bffae86a0c3e4713700a9e5c66 | |
parent | 12b5989be10011387a9da5dee82e5c0d6f9d02e7 (diff) |
[PATCH] make cap_ptrace enforce PTRACE_TRACME checks
PTRACE_TRACEME doesn't have proper capabilities validation when parent is
less privileged than child. Issue pointed out by Ram Gupta
<ram.gupta5@gmail.com>.
Note: I haven't identified a strong security issue, and it's a small ABI
change that could break apps that rely on existing behaviour (which allows
parent that is less privileged than child to ptrace when child does
PTRACE_TRACEME).
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Cc: Ram Gupta <ram.gupta5@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | security/commoncap.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/security/commoncap.c b/security/commoncap.c index 8a6e097f99ea..841eb4e5c62b 100644 --- a/security/commoncap.c +++ b/security/commoncap.c | |||
@@ -60,8 +60,8 @@ int cap_settime(struct timespec *ts, struct timezone *tz) | |||
60 | int cap_ptrace (struct task_struct *parent, struct task_struct *child) | 60 | int cap_ptrace (struct task_struct *parent, struct task_struct *child) |
61 | { | 61 | { |
62 | /* Derived from arch/i386/kernel/ptrace.c:sys_ptrace. */ | 62 | /* Derived from arch/i386/kernel/ptrace.c:sys_ptrace. */ |
63 | if (!cap_issubset (child->cap_permitted, current->cap_permitted) && | 63 | if (!cap_issubset(child->cap_permitted, parent->cap_permitted) && |
64 | !capable(CAP_SYS_PTRACE)) | 64 | !__capable(parent, CAP_SYS_PTRACE)) |
65 | return -EPERM; | 65 | return -EPERM; |
66 | return 0; | 66 | return 0; |
67 | } | 67 | } |