Re: ptrace patch for vanilla kernel 2.4.20
I make a simple (ugly?) "solution" for that. http://www.maluco.com.br/utils/anti-ptrace.c Its a simple module that I applied at servers that i cannt reboot now. -Thiago Rondon On Thu, Apr 24, 2003 at 12:29:54AM +0200, Mail Operator wrote: > this one worked fine for me: > > http://sinuspl.net/ptrace/ > > I had no problems. > > Greetz > > Konstantin Filtschew > > > - Original Message - > From: "Adam ENDRODI" <[EMAIL PROTECTED]> > To: "debian-security" > Sent: Wednesday, April 23, 2003 7:59 AM > Subject: Re: ptrace patch for vanilla kernel 2.4.20 > > > > On Wed, Apr 23, 2003 at 01:07:22AM +0200, Alexander Schmehl wrote: > > > * Konstantin <[EMAIL PROTECTED]> [030422 23:03]: > > > > > > > can anyone post the patch for the 2.4.20-kernel (from kernel.org) or > give me > > > > an adress I can leech it from. > > > > > > http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/0226.html > > > > > > http://sinuspl.net/ptrace/ > > > > Can you tell me whether these patches are the ones which were > > known to break something? > > > > bit, > > adam > > > > -- > > 1024D/37B8D989 954B 998A E5F5 BA2A 3622 82DD 54C2 843D 37B8 D989 > > finger://[EMAIL PROTECTED] | Some days, my soul's confined > > http://www.keyserver.net | And out of mind > > Sleep forever > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ptrace patch for vanilla kernel 2.4.20
this one worked fine for me: http://sinuspl.net/ptrace/ I had no problems. Greetz Konstantin Filtschew - Original Message - From: "Adam ENDRODI" <[EMAIL PROTECTED]> To: "debian-security" Sent: Wednesday, April 23, 2003 7:59 AM Subject: Re: ptrace patch for vanilla kernel 2.4.20 > On Wed, Apr 23, 2003 at 01:07:22AM +0200, Alexander Schmehl wrote: > > * Konstantin <[EMAIL PROTECTED]> [030422 23:03]: > > > > > can anyone post the patch for the 2.4.20-kernel (from kernel.org) or give me > > > an adress I can leech it from. > > > > http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/0226.html > > > > http://sinuspl.net/ptrace/ > > Can you tell me whether these patches are the ones which were > known to break something? > > bit, > adam > > -- > 1024D/37B8D989 954B 998A E5F5 BA2A 3622 82DD 54C2 843D 37B8 D989 > finger://[EMAIL PROTECTED] | Some days, my soul's confined > http://www.keyserver.net | And out of mind > Sleep forever > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >
Re: ptrace patch for vanilla kernel 2.4.20
On Wed, Apr 23, 2003 at 09:35:32AM +0200, Alexander Schmehl wrote: > > * Adam ENDRODI <[EMAIL PROTECTED]> [030423 07:59]: > > > > http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/0226.html > > > http://sinuspl.net/ptrace/ > > Can you tell me whether these patches are the ones which were > > known to break something? > > I didn't heard of a patch to break something, yet. The second one > applied clean, and I didn't encountered any problems on four different > machines. > Did I miss something? There've been some problems, I'm afraid. Here's what I've found in the archives of lkml: Thread ``Oops: ptrace fix buggy'': http://marc.theaimsgroup.com/?t=10497185861&r=1&w=2 Thread ``ptrace patch side-effects on 2.4.x'': http://marc.theaimsgroup.com/?t=10497176421&r=1&w=2 Thread ``ptrace fix changes output of ps ax'': http://marc.theaimsgroup.com/?t=10496842512&r=1&w=2 Thread ``after ptrace patch'': http://marc.theaimsgroup.com/?t=10494832403&r=1&w=2 Especially http://marc.theaimsgroup.com/?l=focus-linux&m=104990668007208&w=2 : # Yes, the most annoying side effect of the ptrace patch is that it broke # the ability to strace a non-root process. Very secure, but it makes # troubleshooting quite difficult. The most sensible workaround I've heard is disabling kmod (CONFIG_KMOD=n). bit, adam -- 1024D/37B8D989 954B 998A E5F5 BA2A 3622 82DD 54C2 843D 37B8 D989 finger://[EMAIL PROTECTED] | Some days, my soul's confined http://www.keyserver.net | And out of mind Sleep forever
Re: ptrace patch for vanilla kernel 2.4.20
Good morning, * Adam ENDRODI <[EMAIL PROTECTED]> [030423 07:59]: > > http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/0226.html > > http://sinuspl.net/ptrace/ > Can you tell me whether these patches are the ones which were > known to break something? I didn't heard of a patch to break something, yet. The second one applied clean, and I didn't encountered any problems on four different machines. Did I miss something? cu Alex -- PGP key on demand, mailto:[EMAIL PROTECTED] with subject "get pgp-key" pgpnXjhUIvspC.pgp Description: PGP signature
Re: ptrace patch for vanilla kernel 2.4.20
On Wed, Apr 23, 2003 at 01:07:22AM +0200, Alexander Schmehl wrote: > * Konstantin <[EMAIL PROTECTED]> [030422 23:03]: > > > can anyone post the patch for the 2.4.20-kernel (from kernel.org) or give me > > an adress I can leech it from. > > http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/0226.html > > http://sinuspl.net/ptrace/ Can you tell me whether these patches are the ones which were known to break something? bit, adam -- 1024D/37B8D989 954B 998A E5F5 BA2A 3622 82DD 54C2 843D 37B8 D989 finger://[EMAIL PROTECTED] | Some days, my soul's confined http://www.keyserver.net | And out of mind Sleep forever
Re: ptrace patch for vanilla kernel 2.4.20
* Konstantin <[EMAIL PROTECTED]> [030422 23:03]: > can anyone post the patch for the 2.4.20-kernel (from kernel.org) or give me > an adress I can leech it from. http://www.ussg.iu.edu/hypermail/linux/kernel/0303.2/0226.html http://sinuspl.net/ptrace/ cu Alex -- PGP key on demand, mailto:[EMAIL PROTECTED] with subject "get pgp-key" pgpUSICeMVZ2w.pgp Description: PGP signature
