[pull request] [natty, maverick] fix PR_SET_PTRACER

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

[pull request] [natty, maverick] fix PR_SET_PTRACER

Kees Cook-5
This should be applied to both natty and maverick, please. It fixes a bug
in the ptrace restrictions that the Firefox folks uncovered.

The following changes since commit 38eeba0187c013657e563b2a82f8ca384e0bb26c:

  UBUNTU: Ubuntu-2.6.38-6.33 (2011-03-07 15:33:35 +0000)

are available in the git repository at:
  git://kernel.ubuntu.com/kees/ubuntu-natty.git master

Kees Cook (1):
      Yama: use thread group leader when creating match

 security/yama/yama_lsm.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

--
Kees Cook
Ubuntu Security Team

--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

Re: [pull request] [natty, maverick] fix PR_SET_PTRACER

Tim Gardner-2
On 03/08/2011 02:41 AM, Kees Cook wrote:
> git://kernel.ubuntu.com/kees/ubuntu-natty.git master

Applied to Natty.

For Maverick:

Acked-by: Tim Gardner <[hidden email]>

--
Tim Gardner [hidden email]

--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

Re: [pull request] [natty, maverick] fix PR_SET_PTRACER

Stefan Bader-2
In reply to this post by Kees Cook-5
On 03/08/2011 03:41 AM, Kees Cook wrote:
> git://kernel.ubuntu.com/kees/ubuntu-natty.git master
>

Just for completeness, was this the previous patch that the description is
referring to?

commit 86266876b885a6f08668f39688e68a05f6bfac3c
Author: Kees Cook <[hidden email]>
Date:   Tue Jul 13 09:04:08 2010 -0700

    UBUNTU: SAUCE: Yama: search for PTRACE exceptions via thread group leader

    When looking for PTRACE exceptions, the thread group leader must be used
    otherwise the exceptions can be missed for threaded processes.

Otherwise looks ok.

Acked-by: Stefan Bader <[hidden email]>

--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

[APPLIED] [pull request] [natty, maverick] fix PR_SET_PTRACER

Stefan Bader-2
In reply to this post by Kees Cook-5
Applied and pushed to Maverick master-next

--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team
Reply | Threaded
Open this post in threaded view
|

Re: [pull request] [natty, maverick] fix PR_SET_PTRACER

Kees Cook-8
In reply to this post by Stefan Bader-2
Hi Stefan,

On Thu, Mar 10, 2011 at 09:41:13AM +0100, Stefan Bader wrote:

> On 03/08/2011 03:41 AM, Kees Cook wrote:
> > git://kernel.ubuntu.com/kees/ubuntu-natty.git master
> >
>
> Just for completeness, was this the previous patch that the description is
> referring to?
>
> commit 86266876b885a6f08668f39688e68a05f6bfac3c
> Author: Kees Cook <[hidden email]>
> Date:   Tue Jul 13 09:04:08 2010 -0700
>
>     UBUNTU: SAUCE: Yama: search for PTRACE exceptions via thread group leader
>
>     When looking for PTRACE exceptions, the thread group leader must be used
>     otherwise the exceptions can be missed for threaded processes.
>
> Otherwise looks ok.

Yeah, that's the one.

> Acked-by: Stefan Bader <[hidden email]>

Thanks!

-Kees

--
Kees Cook
Ubuntu Security Team

--
kernel-team mailing list
[hidden email]
https://lists.ubuntu.com/mailman/listinfo/kernel-team