Re: fix must_not_trace_exec() test

From: Chris Wright
Date: Mon Apr 12 2004 - 17:05:54 EST

Next message: Greg KH: "Re: Where did the USB generic scanner driver go? 2.6.5"
Previous message: Jeff Garzik: "Re: 2.6.2-rc3: irq#19 - nobody cared - with an au88xx"
In reply to: Andy Lutomirski: "Re: fix must_not_trace_exec() test"
Next in thread: Martin Hermanowski: "Re: 2.6.5-mm4 (hci_usb module unloading oops)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Andy Lutomirski (luto@xxxxxxxxxxxxx) wrote:
> Olaf Dietsche wrote:
> > Although, I'd rather not lump together unrelated tests without
> > renaming must_not_trace_exec(). Btw, can someone enlighten me what
> > this atomic_read() test is all about.
>
> I assumed that the test was to check if the caller is a thread, but that
> sounds odd -- wouldn't it stop being a thread after the exec anyway?
> Maybe that part happens after compute_creds, so this prevents a race?
> Although I don't see how it could be triggered if the thread never
> entered usermode before getting a new fs/files/sighand.

There's no requirement for CLONE_THREAD when using at least CLONE_FS
and CLONE_FILES. And all of the latter are inherited across execve().
These tests are needed to keep a malicious program from controlling the
setuid program in ways other than ptrace.

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "Re: Where did the USB generic scanner driver go? 2.6.5"
Previous message: Jeff Garzik: "Re: 2.6.2-rc3: irq#19 - nobody cared - with an au88xx"
In reply to: Andy Lutomirski: "Re: fix must_not_trace_exec() test"
Next in thread: Martin Hermanowski: "Re: 2.6.5-mm4 (hci_usb module unloading oops)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]