Re: strace security <feature>

Brandon S. Allbery KF8NH (allbery@kf8nh.apk.net)
Wed, 29 Dec 1999 18:20:46 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andi Kleen: "Re: TCP connection simulation"
Previous message: George: "Re: [patch] freeing spinlock when UP."
Maybe in reply to: Richard B. Johnson: "strace security <feature>"

In message <Pine.LNX.3.95.991229174350.384A-100000@chaos.analogic.com>,
"Richar
d B. Johnson" writes:
+-----
| This may not be a kernel issue, but `strace` interacts with it so
| here is the frightening thing:
|
| It is possible for an ordinary user to use `strace` (which by default
| runs SUID-root), to copy a password file to /etc.
+--->8

rushlight:1058 Z$ ls -l `which strace`
-rwxr-xr-x 1 root root 98579 Sep 30 1998 /usr/bin/strace*

The "bug" is presumably that strace is setuid; mine seems to work fine
without it, and I've never done anything to change its permissions:

rushlight:1059 Z$ rpm -qf `which strace`
strace-3.1-11
rushlight:1060 Z$ rpm -V strace
rushlight:1061 Z$ _

-- brandon s. allbery os/2,linux,solaris,perl allbery@kf8nh.apk.net system administrator kthkrb,heimdal,gnome,rt allbery@ece.cmu.edu carnegie mellon / electrical and computer engineering kf8nh We are Linux. Resistance is an indication that you missed the point.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Andi Kleen: "Re: TCP connection simulation"
Previous message: George: "Re: [patch] freeing spinlock when UP."
Maybe in reply to: Richard B. Johnson: "strace security <feature>"