Re: ptrace versus setuid changes in 4.14?

2017-12-22 Thread Kees Cook
On Fri, Dec 22, 2017 at 12:55 PM, Tom Horsley wrote: > On Fri, 22 Dec 2017 12:28:25 -0800 > Laura Abbott wrote: > >> Assuming this is https://bugzilla.redhat.com/show_bug.cgi?id=1528633 >> This is yet another victim of >> >> commit e37fdb785a5f95ecadf43b773c97f676500ac7b8

Re: ptrace versus setuid changes in 4.14?

2017-12-22 Thread Kees Cook
On Fri, Dec 22, 2017 at 12:55 PM, Tom Horsley wrote: > On Fri, 22 Dec 2017 12:28:25 -0800 > Laura Abbott wrote: > >> Assuming this is https://bugzilla.redhat.com/show_bug.cgi?id=1528633 >> This is yet another victim of >> >> commit e37fdb785a5f95ecadf43b773c97f676500ac7b8 (refs/bisect/bad) >>

Re: ptrace versus setuid changes in 4.14?

2017-12-22 Thread Tom Horsley
On Fri, 22 Dec 2017 12:28:25 -0800 Laura Abbott wrote: > Assuming this is https://bugzilla.redhat.com/show_bug.cgi?id=1528633 > This is yet another victim of > > commit e37fdb785a5f95ecadf43b773c97f676500ac7b8 (refs/bisect/bad) > Author: Kees Cook > Date: Tue Jul 18

Re: ptrace versus setuid changes in 4.14?

2017-12-22 Thread Tom Horsley
On Fri, 22 Dec 2017 12:28:25 -0800 Laura Abbott wrote: > Assuming this is https://bugzilla.redhat.com/show_bug.cgi?id=1528633 > This is yet another victim of > > commit e37fdb785a5f95ecadf43b773c97f676500ac7b8 (refs/bisect/bad) > Author: Kees Cook > Date: Tue Jul 18 15:25:31 2017 -0700 > >

Re: ptrace versus setuid changes in 4.14?

2017-12-22 Thread Laura Abbott
On 12/21/2017 06:18 AM, Tom Horsley wrote: On my fedora 26 box with a 4.13 kernel, when a process under ptrace control did an exec of a setuid program, the program lost all of its setuid privileges and ptrace could operate on it like a normal program. Experimental evidence seems to indicate

Re: ptrace versus setuid changes in 4.14?

2017-12-22 Thread Laura Abbott
On 12/21/2017 06:18 AM, Tom Horsley wrote: On my fedora 26 box with a 4.13 kernel, when a process under ptrace control did an exec of a setuid program, the program lost all of its setuid privileges and ptrace could operate on it like a normal program. Experimental evidence seems to indicate

ptrace versus setuid changes in 4.14?

2017-12-21 Thread Tom Horsley
On my fedora 26 box with a 4.13 kernel, when a process under ptrace control did an exec of a setuid program, the program lost all of its setuid privileges and ptrace could operate on it like a normal program. Experimental evidence seems to indicate that on fedora 27 with a 4.14 kernel, ptrace

ptrace versus setuid changes in 4.14?

2017-12-21 Thread Tom Horsley
On my fedora 26 box with a 4.13 kernel, when a process under ptrace control did an exec of a setuid program, the program lost all of its setuid privileges and ptrace could operate on it like a normal program. Experimental evidence seems to indicate that on fedora 27 with a 4.14 kernel, ptrace