oss-sec mailing list archives
Re: Disabling ptrace
From: nisse () lysator liu se (Niels Möller)
Date: Wed, 02 Jan 2019 11:21:27 +0100
Jakub Wilk <jwilk () jwilk net> writes:
* Niels Möller <nisse () lysator liu se>, 2019-01-01, 12:27:Matthew Fernandez <matthew.fernandez () gmail com> writes:E.g. you can attach to the victim process with gdb/ptrace and simply read its memory, if the sysadmin has not blocked this with Yama or similar.I think one can disable this in the process itself, using prctl with PR_SET_DUMPABLE. But documentation is a bit unclear and doesn't exlicitly mention effect on ptraceThe prctl(2) man page reads: “Processes that are not dumpable can not be attached via ptrace(2) PTRACE_ATTACH; see ptrace(2) for further details.”
Thanks, I somehow missed that. So prctl should be the right tool, then.
(and other debugging interfaces).What other interfaces do you have in mind?
I had the impression that ptrace was old-fashined, and that current gdb used other interfaces via /proc (with permissions also affected by prctl). But I may be mistaken; I've never looked into those details. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid 368C6677. Internet email is subject to wholesale government surveillance.
Current thread:
- Re: Asserts considered harmful (or GMP spills its sensitive information) Matthew Fernandez (Jan 01)
- Disabling ptrace (was Re: [oss-security] Asserts considered harmful (or GMP spills its sensitive information)) Niels Möller (Jan 01)
- Re: Disabling ptrace Jakub Wilk (Jan 02)
- Re: Disabling ptrace Niels Möller (Jan 02)
- Re: Disabling ptrace Jakub Wilk (Jan 02)
- <Possible follow-ups>
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Simon McVittie (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) halfdog (Jan 01)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 02)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) halfdog (Jan 02)
- Re: Re: Asserts considered harmful (or GMP spills its sensitive information) Simon McVittie (Jan 01)
- Disabling ptrace (was Re: [oss-security] Asserts considered harmful (or GMP spills its sensitive information)) Niels Möller (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Vincent Lefevre (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Torbjörn Granlund (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Jeffrey Walton (Jan 01)
- Re: Asserts considered harmful (or GMP spills its sensitive information) Niels Möller (Jan 01)