On 2013-06-18 14:22:16 -0400, Samuel Bronson wrote:
> On Tue, Jun 18, 2013 at 8:51 AM, Vincent Lefevre <vinc...@vinc17.net> wrote:
>
> > On 2013-06-18 14:25:59 +0200, Vincent Lefevre wrote:
> > > I don't know about ptrace, but I'm using a standard Debian kernel
> > > (linux-image-3.9-1-amd64 Debian package).
> >
> > For the ptrace problem, it could be related to that:
> >
> > https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace%20Protection
> >
> > and indeed:
> >
> > ypig:~> cat /proc/sys/kernel/yama/ptrace_scope
> > 1
> >
> > Setting it to 0 is obviously not the right thing to do. The solution
> > must be implemented in gdb (e.g. by being suid root and dropping
> > permissions when possible... or something else...).
> >
> > Running iceweasel from gdb may be a workaround, but this may be too
> > late (e.g. to get a backtrace of some frozen process).
>
> Allowing GDB to attach to running processes in this manner would almost
> completely undermine the ptrace protection, though: baddies could then just
> make gdb do their dirty work for them, especially now that we have Python
> scripting ...
Well, it's normally not possible to run GDB unless the attacker has
shell access. And if the attacker has shell access, he can already do
more or less anything he wants because he has full access to the
user's files (config files, environment variable settings, etc.).

The Ubuntu page mentions a remote attacker (via a compromised Firefox)
only. At least it should be possible to be protected in such a case,
while allowing debugging tools like gdb to work normally.

> So we won't be giving anyone a false sense of security this way.

I don't understand what you mean here.

> (Besides which, I believe it would be a LOT of work to restructure GDB to
> allow this without also accidentally allowing users to do evil things like
> attaching to system daemons, writing to system files, etc.)

So, you don't want users to be able to send useful bug reports when
some process randomly freezes?

At least there's a huge lack of documentation, and this is not serious!

Other people also wonder, e.g.:

http://www.winehq.org/pipermail/wine-devel/2010-September/087056.html

-- 
Vincent Lefèvre <vinc...@vinc17.net> - Web: <http://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
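Added example (editor's code, not part of the thread above and not gdb's or the kernel's own code): the behaviour the thread is arguing about is Yama's ptrace_scope=1 rule, which lets PTRACE_ATTACH succeed only when the tracer is an ancestor of the target (which is why starting iceweasel from inside gdb works, while `gdb -p <pid>` on an already running process does not). The kernel's documented per-process opt-out is prctl(PR_SET_PTRACER, pid-or-PR_SET_PTRACER_ANY), called by the target. The program below reads the current scope, then forks a target and a *sibling* tracer (not an ancestor) and reports whether the sibling can attach, with and without the target opting in. Process layout, pipe handshake and function names are this example's own; it assumes Linux and needs no privileges.

```c
// Added example: how kernel.yama.ptrace_scope and prctl(PR_SET_PTRACER)
// interact when a non-ancestor process tries to PTRACE_ATTACH (the gdb -p
// case from the thread). Linux only. Harness layout is the example's own.
#define _GNU_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef PR_SET_PTRACER
#define PR_SET_PTRACER 0x59616d61          /* "Yama", kernel >= 3.4 */
#endif
#ifndef PR_SET_PTRACER_ANY
#define PR_SET_PTRACER_ANY ((unsigned long)-1)
#endif

/* Current scope from /proc, or -1 if Yama is absent or the file is unreadable. */
int read_ptrace_scope(void)
{
    FILE *f = fopen("/proc/sys/kernel/yama/ptrace_scope", "r");
    if (!f) return -1;
    int v = -1;
    if (fscanf(f, "%d", &v) != 1) v = -1;
    fclose(f);
    return v;
}

/* Fork a target and a sibling tracer. The tracer is not an ancestor of the
 * target, so under scope 1 the attach is refused unless the target opted in.
 * If allow_any is set, the target calls PR_SET_PTRACER_ANY before signalling
 * readiness over a pipe. Returns 0 if PTRACE_ATTACH succeeded, the errno it
 * failed with, or -1 if the harness itself (pipe/fork/wait) failed. */
int sibling_attach(int allow_any)
{
    int pfd[2];
    if (pipe(pfd) < 0) return -1;

    pid_t target = fork();
    if (target < 0) return -1;
    if (target == 0) {                       /* target process */
        close(pfd[0]);
        if (allow_any)
            prctl(PR_SET_PTRACER, PR_SET_PTRACER_ANY, 0, 0, 0);
        char b = 'r';
        (void)!write(pfd[1], &b, 1);         /* tell the tracer we are ready */
        close(pfd[1]);
        for (;;) pause();                    /* parked until SIGKILL */
    }

    pid_t tracer = fork();
    if (tracer < 0) { kill(target, SIGKILL); waitpid(target, NULL, 0); return -1; }
    if (tracer == 0) {                       /* sibling tracer, not an ancestor */
        close(pfd[1]);
        char b;
        if (read(pfd[0], &b, 1) != 1) _exit(ESRCH);
        if (ptrace(PTRACE_ATTACH, target, NULL, NULL) < 0) _exit(errno);
        int st;
        waitpid(target, &st, __WALL);        /* consume the attach-induced stop */
        ptrace(PTRACE_DETACH, target, NULL, NULL);
        _exit(0);
    }

    close(pfd[0]); close(pfd[1]);
    int st, rc = -1;
    if (waitpid(tracer, &st, 0) == tracer && WIFEXITED(st)) rc = WEXITSTATUS(st);
    kill(target, SIGKILL);
    waitpid(target, NULL, 0);
    return rc;
}

int main(void)
{
    printf("kernel.yama.ptrace_scope = %d\n", read_ptrace_scope());
    int r0 = sibling_attach(0), r1 = sibling_attach(1);
    printf("attach from sibling, no opt-in     : %s\n", r0 ? strerror(r0) : "ok");
    printf("attach from sibling, PR_SET_PTRACER_ANY: %s\n", r1 ? strerror(r1) : "ok");
    return 0;
}
```

With scope 0 both attaches succeed; with scope 1 the first is refused with EPERM and the second succeeds; with scope 2 or 3 both are refused unless the tracer has CAP_SYS_PTRACE. The opt-in has to come from the target, which is why it does not help with the "process already frozen" case raised in the thread, and why a setuid gdb would sidestep the whole mechanism rather than cooperate with it.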