On 11/08/2016 01:18 AM, Kees Cook wrote: > On Sat, Nov 5, 2016 at 2:40 PM, Jann Horn <jann@xxxxxxxxx> wrote: >> Signed-off-by: Jann Horn <jann@xxxxxxxxx> > > Thanks Jann! I realize it's already applied, but FWIW: > > Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> > > :) Thanks for checking this, Kees! Cheers, Michael >> --- >> man2/seccomp.2 | 9 +++++++-- >> 1 file changed, 7 insertions(+), 2 deletions(-) >> >> diff --git a/man2/seccomp.2 b/man2/seccomp.2 >> index dc3d87d..8d36fdc 100644 >> --- a/man2/seccomp.2 >> +++ b/man2/seccomp.2 >> @@ -455,8 +455,13 @@ requested by changing the system call to a valid system call number. >> If the tracer asks to skip the system call, then the system call will >> appear to return the value that the tracer puts in the return value register. >> >> -The seccomp check will not be run again after the tracer is notified. >> -(This means that seccomp-based sandboxes >> +.\" This was changed in ce6526e8afa4. >> +.\" A related hole, using PTRACE_SYSCALL instead of SECCOMP_RET_TRACE, was >> +.\" changed in arch-specific commits, e.g. 93e35efb8de4 for X86 and >> +.\" 0f3912fd934c for ARM. >> +Before kernel 4.8, the seccomp check will not be run again after the tracer is >> +notified. >> +(This means that, on older kernels, seccomp-based sandboxes >> .B "must not" >> allow use of >> .BR ptrace (2)\(emeven >> -- >> 2.1.4 >> > > > -- Michael Kerrisk Linux man-pages maintainer; http://www.kernel.org/doc/man-pages/ Linux/UNIX System Programming Training: http://man7.org/training/ -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
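Review bot: the replacement sentence "Before kernel 4.8, the seccomp check will not be run again after the tracer is notified" describes the old behaviour in the future tense and never states what the post-4.8 behaviour is, so a reader on a current kernel is only told what used to happen; consider "Before Linux 4.8, the seccomp check was not run again after the tracer was notified; since Linux 4.8 it is run again" so both sides of the change are documented. The .\" comments record that the related PTRACE_SYSCALL variant was closed in arch-specific commits (93e35efb8de4 for x86, 0f3912fd934c for ARM), but that caveat is invisible in the rendered page while the "4.8" claim is not qualified by architecture; a short rendered sentence noting that the PTRACE_SYSCALL case was fixed per architecture would keep the version claim from over-promising.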