From owner-freebsd-hackers  Sun Jul 25 22:51:10 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from kithrup.com (kithrup.com [205.179.156.40])
	by hub.freebsd.org (Postfix) with ESMTP
	id DF56D14C36; Sun, 25 Jul 1999 22:51:08 -0700 (PDT)
	(envelope-from sef@kithrup.com)
Received: (from sef@localhost)
	by kithrup.com (8.8.8/8.8.8) id WAA10899;
	Sun, 25 Jul 1999 22:48:52 -0700 (PDT)
	(envelope-from sef)
Date: Sun, 25 Jul 1999 22:48:52 -0700 (PDT)
From: Sean Eric Fagan <sef@kithrup.com>
Message-Id: <199907260548.WAA10899@kithrup.com>
To: jkoshy@freebsd.org
Subject: Re: deny ktrace without read permissions?
Cc: hackers@freebsd.org
Reply-To: hackers@freebsd.org
In-Reply-To: <199907260544.WAA13646@freefall.freebsd.org>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

>Yes, but an application can protect itself from an inadvertent core dump.
>It can't (today) against being ktrace'd.

You'd better fix ptrace and procfs then.  Of course, that breaks everything
that has always been true, but, hey, it's better to be wrong than right, I
guess?

if you care about security, you made the damned executable suid or sgid.  Then
ktrace, ptrace, truss, and core dumps do not work.  Even if it simply does
setuid(getruid()).



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message