This is the mail archive of the gdb@sources.redhat.com mailing list for the GDB project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
To attach to a process, the kernel requires you have appropriate permissions. Starting program: /bin/su /bin/su: Operation not permitted. This is the same with strace: strace `which su` execve("/bin/su", ["/bin/su"], [/* 60 vars */]) = 0 strace: exec: Operation not permitted It's basically a hole that's been closed by the OS. Kris Warkentin wrote: >Is it true that if gdb is debugging a suid binary then any calls they make >from the debugger are executed as that user? Couldn't one then execute >arbitrary instructions as root if you debugged something like su? Or even >worse, just call setuid(0) and let the program run to completion. > >Oddly enough I've noticed that this actually fails on both FreeBSD and Linux >but it almost seems to be some mechanism outside of gdb. Does anyone know >how this works? > >cheers, > >Kris >
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |