From owner-freebsd-bugs Thu May 8 08:20:07 1997
Return-Path:
Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id IAA02422 for bugs-outgoing; Thu, 8 May 1997 08:20:07 -0700 (PDT)
Received: (from gnats@localhost) by hub.freebsd.org (8.8.5/8.8.5) id IAA02398; Thu, 8 May 1997 08:20:05 -0700 (PDT)
Resent-Date: Thu, 8 May 1997 08:20:05 -0700 (PDT)
Resent-Message-Id: <199705081520.IAA02398@hub.freebsd.org>
Resent-From: gnats (GNATS Management)
Resent-To: freebsd-bugs
Resent-Reply-To: FreeBSD-gnats@FreeBSD.ORG,
Received: (from nobody@localhost) by hub.freebsd.org (8.8.5/8.8.5) id IAA02039; Thu, 8 May 1997 08:12:44 -0700 (PDT)
Message-Id: <199705081512.IAA02039@hub.freebsd.org>
Date: Thu, 8 May 1997 08:12:44 -0700 (PDT)
From: mfuhr@dimensional.com
To: freebsd-gnats-submit@FreeBSD.ORG
X-Send-Pr-Version: www-1.0
Subject: kern/3547: ktrace works even if no read permission
Sender: owner-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

>Number: 3547
>Category: kern
>Synopsis: ktrace works even if no read permission
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-bugs
>State: open
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu May 8 08:20:04 PDT 1997
>Last-Modified:
>Originator: Michael Fuhr
>Organization: Unspecified
>Release: 2.2-STABLE
>Environment:
FreeBSD winnie.pooh.org 2.2-STABLE FreeBSD 2.2-STABLE #0: Wed May 7 19:19:10 MDT 1997 root@winnie.pooh.org:/usr/src/sys/compile/WINNIE-CDROM i386
>Description:
Process tracing (options KTRACE) works on executables that have no read permission (--x--x--x), even for group or others. Read permission is usually turned off to keep users from knowing some information about how the program works or what files it accesses. Granted that security by obscurity isn't a good policy, but some people prefer to use it anyway, just to make the cracker's job a little harder.
>How-To-Repeat:
1. Write a "hello, world" program in C and compile it.
2. Put the program in a world-accessible directory.
3. chmod 111 program
4. Run "ktrace program" as a different user.
5. Run "kdump" as the different user.
>Fix:
Haven't investigated thoroughly. Probably an additional check in kern/kern_trace.c, function ktrcanset().
>Audit-Trail:
>Unformatted:
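
An audit sketch for the condition described in this report, added here and not part of the original PR: it lists the executables under a directory that group or other may execute but not read, that is, the files whose contents are kept private only by the missing read bit. The function names and the sample file names and modes are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original report): find executables that rely
# on a missing read bit to keep their contents private.

# exec_only_files DIR
# Print, sorted, every regular file under DIR that "group" or "other" may
# execute but not read (for example mode 111 or 711).
exec_only_files() {
    find "$1" -type f \( \
        \( -perm -001 ! -perm -004 \) -o \
        \( -perm -010 ! -perm -040 \) \
    \) -print | sort
}

# exec_only_classes MODE
# For an octal MODE such as 111, print which of "group" and "other" hold
# execute permission without read permission.
exec_only_classes() {
    mode=$((0$1))          # leading 0 makes the shell read MODE as octal
    classes=""
    if [ $((mode & 010)) -ne 0 ] && [ $((mode & 040)) -eq 0 ]; then
        classes="group"
    fi
    if [ $((mode & 001)) -ne 0 ] && [ $((mode & 004)) -eq 0 ]; then
        classes="${classes:+$classes }other"
    fi
    printf '%s\n' "$classes"
}

# demo: build a constructed sample tree (names and modes are made up),
# run the audit over it, and print the matching file names.
demo() {
    tmp=$(mktemp -d) || return 1
    for spec in hello:111 daemon:711 tool:755 grouponly:750 notes:644; do
        f="$tmp/${spec%%:*}"
        : > "$f"
        chmod "${spec##*:}" "$f"
    done
    exec_only_files "$tmp" | sed "s|^$tmp/||"
    rm -rf "$tmp"
}

demo
```

Run `exec_only_files` against directories such as a local bin tree to see which binaries depend on execute-only permissions on a kernel built with options KTRACE.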