Date: Wed, 8 Nov 2000 23:17:17 -0800 (PST) From: brooks@one-eyed-alien.net To: FreeBSD-gnats-submit@freebsd.org Cc: rwatson@freebsd.org Subject: kern/22711: [PATCH] non-root users can't debug Message-ID: <200011090717.eA97HHK00634@minya.sea.one-eyed-alien.net>
next in thread | raw e-mail | index | archive | help
>Number: 22711
>Category: kern
>Synopsis: [PATCH] non-root users can't debug
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Nov 08 23:20:01 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: Brooks Davis
>Release: FreeBSD 5.0-CURRENT i386
>Organization:
The Aerospace Corp
>Environment:
System: FreeBSD minya 5.0-CURRENT FreeBSD 5.0-CURRENT #0: Wed Nov 8 22:52:59 PST 2000 root@minya:/usr/obj/usr/src/sys/MINYA i386
>Description:
Attempting to run gdb on a process fails. It seems that due to a small
bug, sys/kern/kern_prot.c rev 1.66 tightened things up a little bit too
far.
>How-To-Repeat:
while not root:
$ gdb <any program>
...
(gdb) run
>Fix:
Apply this patch.
Index: sys/kern/kern_prot.c
===================================================================
RCS file: /home/ncvs/src/sys/kern/kern_prot.c,v
retrieving revision 1.66
diff -u -r1.66 kern_prot.c
--- sys/kern/kern_prot.c 2000/10/30 20:30:03 1.66
+++ sys/kern/kern_prot.c 2000/11/09 07:06:05
@@ -1084,7 +1084,7 @@
/* add a CAP_SYS_PTRACE here? */
if (p1->p_cred->pc_ucred->cr_uid != p2->p_cred->p_ruid ||
p1->p_cred->p_ruid != p2->p_cred->p_ruid ||
- p1->p_cred->p_svuid == p2->p_cred->p_ruid ||
+ p1->p_cred->p_svuid != p2->p_cred->p_ruid ||
p2->p_flag & P_SUGID) {
if ((error = suser_xxx(0, p1, PRISON_ROOT)))
return (error);
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200011090717.eA97HHK00634>