From owner-freebsd-security  Fri Apr 26 06:45:01 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id GAA07858
          for security-outgoing; Fri, 26 Apr 1996 06:45:01 -0700 (PDT)
Received: from alpha.dsu.edu (ghelmer@alpha.dsu.edu [138.247.32.12])
          by freefall.freebsd.org (8.7.3/8.7.3) with ESMTP id GAA07843
          for <security@freebsd.org>; Fri, 26 Apr 1996 06:44:57 -0700 (PDT)
Received: from localhost (ghelmer@localhost) by alpha.dsu.edu (8.7.5/8.7.3) with SMTP id IAA00928 for <security@freebsd.org>; Fri, 26 Apr 1996 08:44:53 -0500 (CDT)
Date: Fri, 26 Apr 1996 08:44:53 -0500 (CDT)
From: Guy Helmer <ghelmer@alpha.dsu.edu>
To: security@freebsd.org
Subject: ptrace vulnerability, was: Something fishy with our PT_ATTACH code!
In-Reply-To: <29493.830512651@time.cdrom.com>
Message-ID: <Pine.OSF.3.93.960426083930.839B-100000@alpha.dsu.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

On Fri, 26 Apr 1996, Jordan K. Hubbard wrote:

> Just got back from Kirk's usual Thursday-night OS class and while we
> were going through exit1(), I noticed something that looked a little
> odd in the ptrace "reattach" code.  In following it (and it later
> turned out to be correct), I happened to notice the following weird
> behavior with attach and detach: [...]

That reminds me, did BSDI release any information/patches regarding the
ptrace vulnerabilitiy (CERT VB-96.04.bsdi)?  I assume the 4.4BSD-derived
systems had the same ptrace code...

Guy Helmer, Dakota State University Computing Services - ghelmer@alpha.dsu.edu