Hi.
Mac OS X has a PT_DENY_ATTACH argument to ptrace(2) which does what
it says on the tin:
PT_DENY_ATTACH
This request is the other operation used by the traced
process; it allows a process that is not currently being
traced to deny future traces by its parent. All other
arguments are ignored. If the process is currently being
traced, it will exit with the exit status of ENOTSUP; oth-
erwise, it sets a flag that denies future traces. An
attempt by the parent to trace a process which has set this
flag will result in a segmentation violation in the parent
Any reason not to use it in platform_disable_tracing() ?
diff --git a/configure.ac b/configure.ac
index f5e1378..88c4633 100644
--- a/configure.ac
+++ b/configure.ac
@@ -405,6 +405,7 @@ AC_CHECK_HEADERS([ \
sys/poll.h \
sys/prctl.h \
sys/pstat.h \
+ sys/ptrace.h \
sys/select.h \
sys/stat.h \
sys/stream.h \
diff --git a/platform-tracing.c b/platform-tracing.c
index 81020e7..4c80a28 100644
--- a/platform-tracing.c
+++ b/platform-tracing.c
@@ -20,6 +20,9 @@
#if defined(HAVE_SYS_PRCTL_H)
#include <sys/prctl.h> /* For prctl() and PR_SET_DUMPABLE */
#endif
+#ifdef HAVE_SYS_PTRACE_H
+#include <sys/ptrace.h>
+#endif
#ifdef HAVE_PRIV_H
#include <priv.h> /* For setpflags() and __PROC_PROTECT */
#endif
@@ -40,4 +43,9 @@ platform_disable_tracing(int strict)
if (setpflags(__PROC_PROTECT, 1) != 0 && strict)
fatal("unable to make the process untraceable");
#endif
+#ifdef PT_DENY_ATTACH
+ /* Mac OS X */
+ if (ptrace(PT_DENY_ATTACH, 0, 0, 0) == -1 && strict)
+ fatal("unable to set PT_DENY_ATTACH");
+#endif
}
--
Darren Tucker (dtucker at zip.com.au)
GPG key 11EAA6FA / A86E 3E07 5B19 5880 E860 37F4 9357 ECEF 11EA A6FA (new)
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
