This is the mail archive of the mailing list for the GDB project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: unable to attach to setuid program that as reverted it privilege

On Mon, Apr 14, 2008 at 09:32:34AM -0400, Reynolds, Brandon wrote:
> > This is documented as allowing core files to be created for setuid
> > programs.  What I am using it for is to allow gdb run as a non-root
> > user to connect to setuid programs that have _permanently_ given up
> > their root privilege.  Without suid_dumpable enabled, gdb will fail
> > with a EPERM error even tho the target program is no longer running as
> > root and can not reacquire root privilege ( a good default behavior ).

Consider the suid root ping program, it aquires a SOCK_RAW socket, and
then drops privileges. If you were allowed to attach to it after it has
dropped privileges, you could wait for it to get the socket, then
PTRACE_ATTACH and PTRACE_POKE in your own code, which now has a raw
socket that it can use for any purpose it likes.

Obviously, this cannot be permitted (i'm sure some operating systems get
it wrong though :-)).

Thanks, Tavis.

------------------------------------- | finger me for my gpg key.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]