Bugtraq mailing list archives
ptrace and non-readable files
From: Lamagra Argamal <lamagra () HACKERMAIL NET>
Date: Thu, 30 Nov 2000 21:46:13 -0000
At line 920 of fs/exec.c the kernel says if (bprm->e_uid != current->euid || bprm->e_gid != current->egid || permission(bprm->inode,MAY_READ)) current->dumpable = 0; Nevertheless you can trace non-readable files. This might cause "secret" programs to leak information. I came across this, while playing on a wargame (long time ago now), it had a program that gave the password as soon as you got a new level. This was non-readable for the obvious reason, but with the execute right you could just dump the memory of the process and read the content. Simple and quite easy, big problem? not really but still a problem. -lamagra Send someone a cool Dynamitemail flashcard greeting!! And get rewarded. GO AHEAD! http://cards.dynamitemail.com/index.php3?rid=fc-41
Current thread:
- ptrace and non-readable files Lamagra Argamal (Dec 01)