summaryrefslogtreecommitdiff
path: root/netsniff-ng.c
AgeCommit message (Expand)AuthorFilesLines
2013-03-16netsniff-ng: if we cannot get intermediate pcap statistics, panicDaniel Borkmann1-1/+5
2013-03-16netsniff-ng trafgen: check return value of pull_and_flush_ringDaniel Borkmann1-1/+12
2013-03-16netsniff-ng: do not leak file descriptors on exitDaniel Borkmann1-9/+6
2013-03-15all: import netsniff-ng 0.5.8-rc0 sourceDaniel Borkmann1-0/+1369
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-09-29 12:35:28 +0000
net-next.git/commit/?id=9430066a15d6f55a3d008a6f99bb462480870207'>9430066a15d6f55a3d008a6f99bb462480870207 (diff)
Yama: allow access for the current ptrace parent
Under ptrace_scope=1, it's possible to have a tracee that is already ptrace-attached, but is no longer a direct descendant. For instance, a forking daemon will be re-parented to init, losing its ancestry to the tracer that launched it. The tracer can continue using ptrace in that state, but it will be denied other accesses that check PTRACE_MODE_ATTACH, like process_vm_rw and various procfs files. There's no reason to prevent such access for a tracer that already has ptrace control anyway. This patch adds a case to ptracer_exception_found to allow access for any task in the same thread group as the current ptrace parent. Signed-off-by: Josh Stone <jistone@redhat.com> Cc: Kees Cook <keescook@chromium.org> Cc: James Morris <james.l.morris@oracle.com> Cc: "Serge E. Hallyn" <serge@hallyn.com> Cc: linux-security-module@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: James Morris <james.l.morris@oracle.com>
Diffstat