Steffen Dettmer wrote: >* Glynn Clements wrote on Fri, Jan 10, 2003 at 20:32 +0000: >> In 2.4.20, the actual permission checks for ptrace() are (from >> kernel/ptrace.c): >> >> if (!task->mm->dumpable && !capable(CAP_SYS_PTRACE)) >> goto bad; > >This is really "&&"? I had guessed, that if there is no >CAP_SYS_PTRACE, there is no ptrace allowed at all, and same >sounds logical for the "dumpable". What I'm missing? You've got it backwards, I believe. If you've got CAP_SYS_PTRACE, you can ptrace() anything. If you don't have it, you're subject to the normal permission controls. CAP_SYS_PTRACE is a DAC override. Normally you don't have CAP_SYS_PTRACE, unless you're running as the superuser (euid=0).
This archive was generated by hypermail 2b30 : Mon Jan 20 2003 - 15:52:17 PST