[SECURITY PATCH]: inconsistant checks in sys_ptrace

Chris Evans (chris@ferret.lmh.ox.ac.uk)
Mon, 17 May 1999 21:51:04 +0100 (GMT)

Hi Linus,

In the arch/ section, sys_ptrace is inconsistant in its security checks.
Several archs miss the new cap_issubset check. Some other archs miss
various uid/gid checks.

This patch (untested, written by hand) fixes the security problems on
non-i386 archs.

Could you apply it please? Perhaps put it in 2.3.4 and if no compile
failures/objections result, 2.2.10 could probably do with it too.

Cheers
Chris

diff -ru arch.orig/alpha/kernel/ptrace.c arch/alpha/kernel/ptrace.c
--- arch.orig/alpha/kernel/ptrace.c Wed Dec 30 00:17:00 1998
+++ arch/alpha/kernel/ptrace.c Mon May 17 21:37:06 1999
@@ -506,7 +506,8 @@
(current->uid != child->uid) ||
(current->gid != child->egid) ||
(current->gid != child->sgid) ||
- (current->gid != child->gid))
+ (current->gid != child->gid) ||
+ (!cap_issubset(child->cap_permitted, current->cap_permitted)))
&& !capable(CAP_SYS_PTRACE))
goto out;
/* the same process cannot be attached many times */
diff -ru arch.orig/arm/kernel/ptrace.c arch/arm/kernel/ptrace.c
--- arch.orig/arm/kernel/ptrace.c Wed Sep 9 16:56:58 1998
+++ arch/arm/kernel/ptrace.c Mon May 17 21:38:19 1999
@@ -580,6 +580,7 @@
(current->uid != child->uid) ||
(current->gid != child->egid) ||
(current->gid != child->sgid) ||
+ (!cap_issubset(child->cap_permitted, current->cap_permitted)) ||
(current->gid != child->gid)) && !capable(CAP_SYS_PTRACE))
goto out;
/* the same process cannot be attached many times */
diff -ru arch.orig/mips/kernel/ptrace.c arch/mips/kernel/ptrace.c
--- arch.orig/mips/kernel/ptrace.c Tue Oct 20 21:52:54 1998
+++ arch/mips/kernel/ptrace.c Mon May 17 21:39:20 1999
@@ -297,6 +297,7 @@
(current->uid != child->uid) ||
(current->gid != child->egid) ||
(current->gid != child->sgid) ||
+ (!cap_issubset(child->cap_permitted, current->cap_permitted)) ||
(current->gid != child->gid)) &&
!capable(CAP_SYS_PTRACE)) {
res = -EPERM;
diff -ru arch.orig/ppc/kernel/ptrace.c arch/ppc/kernel/ptrace.c
--- arch.orig/ppc/kernel/ptrace.c Thu Apr 29 20:39:01 1999
+++ arch/ppc/kernel/ptrace.c Mon May 17 21:41:31 1999
@@ -330,8 +330,12 @@
if ((!child->dumpable ||
(current->uid != child->euid) ||
(current->uid != child->uid) ||
+ (current->uid != child->suid) ||
(current->gid != child->egid) ||
- (current->gid != child->gid)) && !capable(CAP_SYS_PTRACE))
+ (current->gid != child->gid) ||
+ (current->gid != child->sgid) ||
+ (!cap_issubset(child->cap_permitted, current->cap_permitted)))
+ && !capable(CAP_SYS_PTRACE))
goto out;
/* the same process cannot be attached many times */
if (child->flags & PF_PTRACED)
diff -ru arch.orig/sparc/kernel/ptrace.c arch/sparc/kernel/ptrace.c
--- arch.orig/sparc/kernel/ptrace.c Wed Mar 24 23:10:40 1999
+++ arch/sparc/kernel/ptrace.c Mon May 17 21:44:08 1999
@@ -540,6 +540,7 @@
if((!child->dumpable ||
(current->uid != child->euid) ||
(current->uid != child->uid) ||
+ (current->uid != child->suid) ||
(current->gid != child->egid) ||
(current->gid != child->sgid) ||
(!cap_issubset(child->cap_permitted, current->cap_permitted)) ||
diff -ru arch.orig/sparc64/kernel/ptrace.c arch/sparc64/kernel/ptrace.c
--- arch.orig/sparc64/kernel/ptrace.c Wed Mar 24 23:10:28 1999
+++ arch/sparc64/kernel/ptrace.c Mon May 17 21:44:54 1999
@@ -603,6 +603,7 @@
if((!child->dumpable ||
(current->uid != child->euid) ||
(current->uid != child->uid) ||
+ (current->uid != child->suid) ||
(current->gid != child->egid) ||
(current->gid != child->sgid) ||
(!cap_issubset(child->cap_permitted, current->cap_permitted)) ||

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/