From owner-freebsd-hackers Thu Oct 17 14:26:14 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA01130 for hackers-outgoing; Thu, 17 Oct 1996 14:26:14 -0700 (PDT) Received: from lestat.nas.nasa.gov (lestat.nas.nasa.gov [129.99.50.29]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA01121; Thu, 17 Oct 1996 14:26:10 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by lestat.nas.nasa.gov (8.7.5/8.6.12) with SMTP id OAA07806; Thu, 17 Oct 1996 14:14:15 -0700 (PDT) Message-Id: <199610172114.OAA07806@lestat.nas.nasa.gov> X-Authentication-Warning: lestat.nas.nasa.gov: Host localhost [127.0.0.1] didn't use HELO protocol To: guido@gvr.win.tue.nl (Guido van Rooij) Cc: phk@critter.tfs.com, guido@freebsd.org, freebsd-hackers@freebsd.org, tech-userlevel@netbsd.org Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c Reply-To: Jason Thorpe From: Jason Thorpe Date: Thu, 17 Oct 1996 14:14:15 -0700 Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk On Thu, 17 Oct 1996 22:04:45 +0200 (MET DST) guido@gvr.win.tue.nl (Guido van Rooij) wrote: > And what about a user attaching a debugger to a running ftpd... Looking at NetBSD's ptrace(2) (see kern/sys_process.c:sys_ptrace()) system call, we see in the PT_ATTACH case that you cannot attach to a process if: (1) it's the process doing the attaching, (2) it's already being traced, (3) it's not owned by you, or is set-id on exec (unless you're root), or, (4) it's init, which controls the security level of the entire system, and the system was not compiled with permanently insecure mode turned on. So, Joe Random User cannot attach to an ftpd. Jason R. Thorpe thorpej@nas.nasa.gov NASA Ames Research Center Home: 408.866.1912 NAS: M/S 258-6 Work: 415.604.0935 Moffett Field, CA 94035 Pager: 415.428.6939