Bug 210012
Summary: | fc6- kernel allows stracing of kernel threads | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Arjan van de Ven <arjan> |
Component: | kernel | Assignee: | Dave Jones <davej> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Brian Brock <bbrock> |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | rawhide | CC: | davej, mjc, pfrields, roland, wtogami |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | kernel-2.6.18-1.2753.fc6 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-10-31 04:54:29 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Arjan van de Ven
2006-10-09 15:03:34 UTC
(strace is a security sensitive operation, someone needs to evaluate how serious this is) This is a simple check accidentally omitted when converting the ptrace entry checks for the new utrace-based code. It only affects the kthread case (tasks with no ->mm), and the uid and LSM checks are still performed so this can only be done by root (and perhaps can't be done under selinux policy, don't know). I don't think it rises to the level of a security concern. I have a fix on its way. I committed the fixed utrace patch to kernel/devel, it will be in davej's next kernel build. I only wish this were a more interesting and auspicious bug to go with the palindromic bug number. This was fixed in the FC-6 release kernel. |