RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 16:57:35 +00:00
Code Issues Activity Actions

Kernel: Prevent execve/ptrace race

Browse source 
Add a per-process ptrace lock and use it to prevent ptrace access to a
process after it decides to commit to a new executable in sys$execve().

Fixes #5230.
This commit is contained in:
Andreas Kling 2021-02-08 23:01:53 +01:00
parent 4b7b92c201
commit 4ff0f971f7
3 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Kernel/Syscalls/ptrace.cpp
View file

@ -57,6 +57,8 @@ static KResultOr<u32> handle_ptrace(const Kernel::Syscall::SC_ptrace_params& par
if (!peer)
return ESRCH;
Locker ptrace_locker(peer->process().ptrace_lock());
if ((peer->process().uid() != caller.euid())
|| (peer->process().uid() != peer->process().euid())) // Disallow tracing setuid processes
return EACCES;