Bug 469432 - PackageKit turns PR_SET_DUMPABLE off when not necessary
Product: Fedora
Classification: Fedora
Component: PackageKit
All Linux
medium Severity medium
Assigned To: Richard Hughes
Fedora Extras Quality Assurance
: Reopened
Reported: 2008-10-31 16:17 EDT by James Antill
Modified: 2009-06-03 04:44 EDT
Last Closed: 2009-06-03 04:44:15 EDT
Description James Antill 2008-10-31 16:17:27 EDT
Description of problem:
 You can start gpk-application as:

 strace gpk-application

...however you cannot start gpk-application and then strace it (without changing to root to strace), the reason for this is that PackageKit/lib/packagekit-glib/pk-client.c has:

__attribute__ ((constructor))
void init()
{
        /* this is a bandaid */
        prctl (PR_SET_DUMPABLE, 0);
}

...I'm not sure if you pasted this from somewhere, or it's a hack to try and solve some real problem with running PK clients as root ... either way, it should not happen for the normal cases.
Comment 1 Richard Hughes 2008-11-01 09:46:57 EDT
I was told by David Zeuthen that this was needed. The following commit added it:

commit 9c724e90e537a8c488c78dfc7b9ecc03e58323a8
Author: Richard Hughes <richard@hughsie.com>
Date:   Mon Apr 14 23:10:32 2008 +0100

   Disable ptrace() and core dumping for applications which use libpackagekit so that local trojans cannot silently abuse privileges
Comment 2 Richard Hughes 2008-11-06 05:56:48 EST
I don't think this harms anything, and anything security related I would prefer to err on the side of caution. If David (PolicyKit maintainer) says it's okay to remove, then I'll do so.
Comment 3 James Antill 2008-11-06 11:15:37 EST
Well I'm worried about two cases:

1. User can't strace/etc. any running app. linked to PK.

2. If this is a real security problem then it needs to fix the case where the application starts under strace/gdb/whatever.

 David, can you explain the rationale ... in what cases is this needed?
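
The second case in comment 3, as an added example that is not code from PackageKit or from anyone in this thread: a child that is already traced when it makes the constructor's prctl call keeps its tracer, because the dumpable flag is only consulted when a new attach is attempted. The function and flag names are hypothetical, and it assumes Linux with a readable /proc.

```c
/* Added example, not PackageKit code. Linux only. */
#include <stdio.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/ptrace.h>
#include <sys/wait.h>

/* Report bits: PTRACE_TRACEME worked; flag reads 0; tracer is still parent. */
enum { TRACED_FROM_START = 1, DUMPABLE_CLEARED = 2, STILL_TRACED = 4 };
/* TracerPid from /proc/self/status: 0 if untraced, -1 if unreadable. */
static int tracer_pid(void)
{
    char line[256];
    int pid = -1;
    FILE *f = fopen("/proc/self/status", "r");
    while (f && fgets(line, sizeof line, f))
        if (sscanf(line, "TracerPid: %d", &pid) == 1)
            break;
    if (f)
        fclose(f);
    return pid;
}

/* Child traced from its start (as under strace) makes the constructor's call. */
int probe_traced_child(void)
{
    int status;
    pid_t pid = fork();
    if (pid == 0) {
        int r = ptrace(PTRACE_TRACEME, 0, NULL, NULL) == 0 ? TRACED_FROM_START : 0;
        prctl(PR_SET_DUMPABLE, 0, 0, 0, 0);          /* what init() does */
        if (prctl(PR_GET_DUMPABLE, 0, 0, 0, 0) == 0)
            r |= DUMPABLE_CLEARED;
        if (tracer_pid() == (int)getppid())
            r |= STILL_TRACED;
        _exit(r);                                    /* report via exit status */
    }
    if (pid < 0 || waitpid(pid, &status, 0) != pid || !WIFEXITED(status))
        return -1;                                   /* fork or wait failed */
    return WEXITSTATUS(status);
}

int main(void)
{
    int r = probe_traced_child();
    if (r >= 0)
        printf("traced_from_start=%d dumpable_cleared=%d still_traced=%d\n",
               !!(r & TRACED_FROM_START), !!(r & DUMPABLE_CLEARED), !!(r & STILL_TRACED));
    return r < 0;
}
```

If PTRACE_TRACEME is refused (for example because the process is already traced by something else), only the dumpable_cleared bit is meaningful.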
Comment 4 Bug Zapper 2008-11-25 23:35:12 EST
This bug appears to have been reported against 'rawhide' during the Fedora 10 development cycle.
Changing version to '10'.

More information and reason for this action is here:
Comment 5 Richard Hughes 2009-06-03 04:44:15 EDT
Should be no longer a problem.
