mailing list archives
ptrace exploit workaround
From: Juraj Bednar <juraj () bednar sk>
Date: Tue, 18 Mar 2003 23:57:25 +0100
while waiting for kernel compilations from Debian (and while waiting
for my kernel compilations to finish), I coded a single module,
which acts as a workaround for one particular exploit I found in one
1.) I don't guarantee, that it will protect you from other
exploits (it won't).
2.) I guarantee, it won't break anything (actually it will break
some occassional ptrace situations, but for simple gdb and stuff,
this is ok).
3.) I don't guarantee it will work. It may freeze your machine.
4.) I'm not a linux kernel module coder. If you'll come with
something better, drop me a note.
5.) Against this exploit, simple chmod 700 /proc would suffice
(since it wants to open /proc/self/exe). This is somehow cleaner.
6.) It should unload correctly, if it won't freeze your system
(see point 3:).
Anyways, as a simple workaround, it works for me, so I thought I'll
post it, it may help you overcome this ugly time.
Compilation instruction in source comment.
- ptrace exploit workaround Juraj Bednar (Mar 18)