Przeglądaj źródła

Similar to 077327f8, avoid ptrace(2) warnings in apparmor on Ubuntu

Bryan Drewery 11 lat temu
rodzic
commit
4e89f5ccdd
2 zmienionych plików z 7 dodań i 0 usunięć
  1. 1 0
      doc/UPDATES
  2. 6 0
      src/shell.cc

+ 1 - 0
doc/UPDATES

@@ -1,5 +1,6 @@
 maint
   * Disable demo TCL support by default to prevent confusion during build.
+  * Avoid apparmor ptrace(2) warnings on Ubuntu
 
 1.4.5
   * Remove ahbl as it now positively identifies all hosts as abusive

+ 6 - 0
src/shell.cc

@@ -328,6 +328,12 @@ void check_trace(int start)
         }
         exit(0);
       default:		//parent
+#ifdef PR_SET_PTRACER
+        // Allow the child to debug the parent on Ubuntu
+        // https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace
+        // XXX: This is probably racy with the child's ptrace(2) attempt.
+        prctl(PR_SET_PTRACER, x, 0, 0, 0);
+#endif
         waitpid(x, NULL, 0);
     }
 #endif