On Thu, 2003-01-09 at 23:15, Jason Lunz wrote: > tssat_private said: > > Looks like once a process has called setuid(), no-one except root can > > ptrace() it. I don't see this mentioned very clearly in any man page > > though (*BSD, Linux). > > my ptrace(2) page on debian woody says this: > > ERRORS > EPERM The specified process cannot be traced. This could be because > the parent has insufficient privileges; non-root processes cannot > trace processes that they cannot send signals to or those > running setuid/setgid programs, for obvious reasons. > Alternatively, the process may already be being traced, or be > init (pid 1). You mean the "running setuid/setgid programs"? How is setuid/setgid program defined? I've always thought it was just the +s bit attached to the file. When does the setuidness get cleared; after fork(), exec*(), or ..? Is that standardized somewhere?
This archive was generated by hypermail 2b30 : Fri Jan 10 2003 - 09:50:32 PST