[PATCH 0/6] utrace: security problems
Roland McGrath
roland at redhat.com
Wed Jul 7 22:46:42 UTC 2010
> > For exec transitions (set-id, file caps, selinux), I'd originally figured
> > an engine's report_exec could check for changes and decide to detach itself
> > if appropriate.
>
> No, it can't. At this point S_ISUID/S_ISGID exid's were already dropped,
> or exec can fail before tracehook_report_exec().
If an exec fails, nothing changes and there is no security-relevant event
to take notice of. I don't really follow your other comment. But ...
> Yes, agreed, let's forget this for now.
Indeed.
> The only question: do you think the trivial 1st patch is correct?
The one that just adds a macro defined to another existing macro?
Any change that preprocesses out to the same code is "correct", sure...
Thanks,
Roland