From owner-freebsd-bugs  Tue Sep 15 15:11:20 1998
Return-Path: <owner-freebsd-bugs@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id PAA20567
          for freebsd-bugs-outgoing; Tue, 15 Sep 1998 15:11:20 -0700 (PDT)
          (envelope-from owner-freebsd-bugs@FreeBSD.ORG)
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA20369
          for <freebsd-bugs@FreeBSD.org>; Tue, 15 Sep 1998 15:10:31 -0700 (PDT)
          (envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.8.8/8.8.5) id PAA02489;
	Tue, 15 Sep 1998 15:10:03 -0700 (PDT)
Date: Tue, 15 Sep 1998 15:10:03 -0700 (PDT)
Message-Id: <199809152210.PAA02489@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.ORG
From: Niall Smart <rotel@indigo.ie>
Subject: Re: kern/7858: GDB (ptrace?) can touch almost any executable
Reply-To: Niall Smart <rotel@indigo.ie>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

The following reply was made to PR kern/7858; it has been noted by GNATS.

From: Niall Smart <rotel@indigo.ie>
To: cagney@tpgi.com.au, FreeBSD-gnats-submit@FreeBSD.ORG,
        cagney@andrew1.lnk.telstra.net
Cc:  Subject: Re: kern/7858: GDB (ptrace?) can touch almost any executable
Date: Tue, 15 Sep 1998 22:55:07 +0000

 On Sep 8,  5:05pm, Andrew Cagney wrote:
 } Subject: kern/7858: GDB (ptrace?) can touch almost any executable
 > 
 > 	GDB can be used to change the modify/creation dates of files
 > 	the user doesn't own.
 > 
 > 	Suspect PTRACE security hole.
 
 I wouldn't call this a security hole, in fact it looks very like
 the bug that randomly changes the modification dates of files.
 
 > 
 > Check the files date:
 > 
 > 	cagney@b1.cygnus.com$ date ; /bin/ls -lT reread
 > 	Tue Sep  8 16:54:03 EST 1998
 > 	-rwxr-xr-x  1 root  wheel  11710 Sep  8 16:52:57 1998 reread
 
 
 > Run GDB vis:
 > 
 > 	cagney@b1.cygnus.com$ /usr/bin/gdb ./reread 
 
 
 > 
 > Until eventually (~30 seconds?).
 > 
 > 	cagney@b1.cygnus.com$ date ; /bin/ls -lT reread
 > 	Tue Sep  8 16:55:28 EST 1998
 > 	-rwxr-xr-x  1 root  wheel  11710 Sep  8 16:55:27 1998 reread
 > 
 > shows up....
 
 Ring any bells for anyone?  A solution to this might fix that
 other bug.
 
 Niall
 
 -- 
 Niall Smart, rotel@indigo.ie.
 Amaze your friends and annoy your enemies:
 echo '#define if(x) if (!(x))' >> /usr/include/stdio.h

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message