Date: Sun, 7 Oct 2001 11:56:41 +1000 (EST) From: Bruce Evans <bde@zeta.org.au> To: Robert Watson <rwatson@FreeBSD.ORG> Cc: Dag-Erling Smorgrav <des@ofug.org>, Peter Wemm <peter@wemm.org>, <arch@FreeBSD.ORG> Subject: Re: Removing ptrace(2)'s dependency on procfs(5) Message-ID: <20011007114736.D5499-100000@delplex.bde.org> In-Reply-To: <Pine.NEB.3.96L.1011006095018.66473D-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 6 Oct 2001, Robert Watson wrote: > Well, I guess the decision I was trying to look at was: > > (1) Is it a global security policy that debugging primitives may never be > applied to kernel processes. > > (2) Is it a syntactic property of the debugging primitive that it *cannot* > be applied to kernel processes. I'd like to have separate flags for these attributes. We currently abuse P_SYSTEM for init to prevent debugging and/or swapping of them. This breaks harmless things like /proc/1/map and obfuscates the security checks for init. Most places depend on the P_SYSTEM check to handle init, but at least kern_sig.c still uses both the P_SYSTEM check and a check of init's magic pid. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011007114736.D5499-100000>