This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug tapsets/11445] Check that assert_is_my_proc check is within all uprobes/utrace callback entry points


http://sourceware.org/bugzilla/show_bug.cgi?id=11445

Dave Brolley <brolley at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED
         AssignedTo|systemtap at sources dot    |brolley at redhat dot com
                   |redhat.com                  |

--- Comment #2 from Dave Brolley <brolley at redhat dot com> 2011-01-18 19:37:45 UTC ---
Confirmed that all generated uprobes/utrace probes contain the is_myproc safety
net check except for the process.end variants. These probes (unlike all the
others) can fire for unprivileged users when the process does not belong to
them. One example is that a process.end probe will fire for a process which
executes execve on another executable which has the setuid bit set. By the time
the process.end fires, the uid of the process will have already changed to the
new uid.

Unprivileged users using process.end probes (and its variants) are expected to
check the results of is_myproc() before doing anything "dangerous".

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]