Re: ssh-agent and socket permission check

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, 25 Jul 2014, Igor Bukanov wrote:

> On 25 July 2014 00:09, Damien Miller <djm@xxxxxxxxxxx> wrote:
> 
> > It shouldn't be anyway. We ship it setgid by default and also use
> > prctl()
> > on Linux to prevent ptrace()
> 
> So with that setup on Linux it is not possible for an ordinary account to
> read memory of ssh-agent barring a kernel bug? In any case, as in my case
> everything runs in a container with no setuid/setguid binaries available,
> that would not help.

If you are on Linux then prctl will still prevent ptrace, even without
setgid.

So yeah, your attacker will need root or a kernel bug.

You can try it yourself: "gdb -p $SSH_AGENT_PID /usr/bin/ssh-agent"

-d
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev




[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux