gdb and suid binaries - security?
Michael Elizabeth Chastain
mec@shout.net
Wed Apr 3 07:52:00 GMT 2002
This is a well known case. The kernel does a permission check at the
time that the parent starts tracing the child (or Process A attaches to
Process B). In the linux kernel, this check is in "ptrace_attach"
in file kernel/ptrace.c.
> Oddly enough I've noticed that this actually fails on both FreeBSD
> and Linux but it almost seems to be some mechanism outside of gdb.
> Does anyone know how this works?
gdb is an unprivileged process. It just calls ptrace() a lot, or it
reads and write /proc a lot. It's the kernel's job to deny gdb from
attaching to privileged processes, just as it's the kernel's job to deny
"cat > /etc/passwd" for unprivileged users.
Michael C
More information about the Gdb
mailing list