Bug 210012

Summary: fc6- kernel allows stracing of kernel threads
Product: [Fedora] Fedora Reporter: Arjan van de Ven <arjan>
Component: kernelAssignee: Dave Jones <davej>
Status: CLOSED CURRENTRELEASE QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: davej, mjc, pfrields, roland, wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: kernel-2.6.18-1.2753.fc6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-10-31 04:54:29 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Arjan van de Ven 2006-10-09 15:03:34 UTC 
Description of problem:

strace -p <pid of a kernel thread>

does not give permission denied!
Comment 1 Arjan van de Ven 2006-10-09 16:26:43 UTC 
(strace is a security sensitive operation, someone needs to evaluate how serious
this is)
Comment 2 Roland McGrath 2006-10-10 04:19:55 UTC 
This is a simple check accidentally omitted when converting the ptrace entry
checks for the new utrace-based code.  It only affects the kthread case (tasks
with no ->mm), and the uid and LSM checks are still performed so this can only
be done by root (and perhaps can't be done under selinux policy, don't know).
I don't think it rises to the level of a security concern.

I have a fix on its way.
Comment 3 Roland McGrath 2006-10-10 04:24:01 UTC 
I committed the fixed utrace patch to kernel/devel, it will be in davej's next
kernel build.  I only wish this were a more interesting and auspicious bug to go
with the palindromic bug number.
Comment 4 Roland McGrath 2006-10-31 04:54:29 UTC 
This was fixed in the FC-6 release kernel.