Re: Preventing ptrace()

From: Jason Lunz (lunzat_private)
Date: Thu Jan 09 2003 - 13:15:06 PST

  • Next message: Timo Sirainen: "Re: Preventing ptrace()"

    tssat_private said:
    > Looks like once a process has called setuid(), no-one except root can
    > ptrace() it. I don't see this mentioned very clearly in any man page
    > though (*BSD, Linux).
    
    my ptrace(2) page on debian woody says this:
    
    ERRORS
           EPERM  The  specified  process  cannot be traced.  This could be because
    	      the parent has insufficient privileges; non-root processes cannot
    	      trace processes  that they  cannot  send  signals  to or those
    	      running setuid/setgid programs, for obvious reasons.
                  Alternatively, the process may already be being traced, or be
                  init (pid 1).
    
    Jason
    



    This archive was generated by hypermail 2b30 : Thu Jan 09 2003 - 14:14:08 PST