On Mon, 2015-05-18 at 02:07 +0000, Sheng Yong wrote:
> From: Mark Grondona <mgrondona@xxxxxxxx>
>
> commit 73af963f9f3036dffed55c3a2898598186db1045 upstream.
>
> __ptrace_may_access() checks get_dumpable/ptrace_has_cap/etc if task !=
> current, this can can lead to surprising results.
>
> For example, a sub-thread can't readlink("/proc/self/exe") if the
> executable is not readable. setup_new_exec()->would_dump() notices that
> inode_permission(MAY_READ) fails and then it does
> set_dumpable(suid_dumpable). After that get_dumpable() fails.
>
> (It is not clear why proc_pid_readlink() checks get_dumpable(), perhaps we
> could add PTRACE_MODE_NODUMPABLE)
>
> Change __ptrace_may_access() to use same_thread_group() instead of "task
> == current". Any security check is pointless when the tasks share the
> same ->mm.
[...]
Queued up for 3.2, thanks.
Ben.
--
Ben Hutchings
One of the nice things about standards is that there are so many of them.
Attachment:
signature.asc
Description: This is a digitally signed message part