CRED: Guard the setprocattr security hook against ptrace - linux

diff options

author	David Howells <dhowells@redhat.com>	2009-05-08 14:55:27 +0200
committer	James Morris <jmorris@namei.org>	2009-05-11 00:15:39 +0200
commit	107db7c7dd137aeb7361b8c2606ac936c0be58ff (patch)
tree	7e8e024bbed52ac111a0b2ac878da1a95752c28b /security
parent	CRED: Rename cred_exec_mutex to reflect that it's a guard against ptrace (diff)
download	linux-107db7c7dd137aeb7361b8c2606ac936c0be58ff.tar.xz linux-107db7c7dd137aeb7361b8c2606ac936c0be58ff.zip

CRED: Guard the setprocattr security hook against ptrace

Guard the setprocattr security hook against ptrace by taking the target task's cred_guard_mutex around it. The problem is that setprocattr() may otherwise note the lack of a debugger, and then perform an action on that basis whilst letting a debugger attach between the two points. Holding cred_guard_mutex across the test and the action prevents ptrace_attach() from doing that. Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>

Diffstat (limited to 'security')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: