crash handlers and PTRACE in Ubuntu 10.10

Serge E. Hallyn serge.hallyn at canonical.com
Thu Jun 24 19:15:37 BST 2010


Quoting Kees Cook (kees at ubuntu.com):
> 5) "declared PTRACEing"
>    Recognize that the PTRACEing we want to allow is in very specific
>    declared situations (i.e. the PID of the debugger is always known by
>    the debugee, so have the debugee "declare" that it wishes to be
>    debugged).  This interface does not exist.  It would require the
>    creation of something like:
>         ptrace(PTRACE_TRACEDBY, debugger_pid, NULL, NULL);
>    This would be, at least for now, an Ubuntu-specific extension.  For
>    KDE applications, this is a trivial change, since the KDE crash
>    handler stays in a while loop, calling sleep() until the debugger
>    process quits.  Chromium would likely need to pass the debugger pid
>    back through the segfault handler in the sandbox -- I got lost reading
>    the syscall emulation-through-seccomp, so maybe it's as easy as KDE's.

While ptrace(PTRACE_TRACEDBY) is more elegant, if you were to use a
new prctl option then your yama lsm could just handle that.  Whereas
to have it handle PTRACE_TRACEDBY, I think you'd have to introduce a
new lsm hook.

-serge
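An added example, not part of this thread and not code from Kees or Serge: a crash handler written in C that follows the "declared PTRACEing" pattern described above. The ptrace(PTRACE_TRACEDBY, ...) call in the quoted mail does not exist; the example instead uses prctl(PR_SET_PTRACER, pid), the prctl-based form of the declaration that the mainline Yama LSM later adopted (Linux 3.4 and later), which is the direction Serge suggests. On a kernel without Yama that prctl fails with EINVAL and the declaration is a no-op, which the code treats as non-fatal. The debugger command (gdb -p <pid>) is a placeholder for whatever debugger a crash handler would launch, and the pipe handshake between parent and child is my own addition to close the window between fork() and the declaration.

```c
#include <errno.h>
#include <signal.h>
#include <stdlib.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#ifndef PR_SET_PTRACER
#define PR_SET_PTRACER 0x59616d61   /* "Yama"; value from linux/prctl.h */
#endif

/* Declare `tracer` as a process allowed to ptrace us (Yama's PR_SET_PTRACER,
 * the prctl form of the declaration discussed in the thread).
 * Returns 0 on success, 1 when the kernel has no Yama (EINVAL), -1 otherwise. */
int declare_tracer(pid_t tracer)
{
    if (prctl(PR_SET_PTRACER, (unsigned long)tracer, 0, 0, 0) == 0)
        return 0;
    return errno == EINVAL ? 1 : -1;
}

/* Fork a helper that will act as our debugger, declare it as our tracer
 * before it runs, then block until it exits (the KDE-style wait).
 * The pipe makes the child wait for the declaration so it cannot try to
 * attach before the kernel knows it is allowed to.
 * Returns the helper's exit status, or -1 on failure. */
int run_declared_debugger(char *const argv[])
{
    int sync[2];
    int status;
    pid_t child;

    if (pipe(sync) != 0)
        return -1;
    child = fork();
    if (child < 0) {
        close(sync[0]);
        close(sync[1]);
        return -1;
    }
    if (child == 0) {
        char go;
        close(sync[1]);
        if (read(sync[0], &go, 1) != 1)   /* parent gave up: do not attach */
            _exit(127);
        close(sync[0]);
        execvp(argv[0], argv);
        _exit(127);                       /* exec failed */
    }
    close(sync[0]);
    /* The debuggee knows the debugger's pid, so it is the one that declares. */
    if (declare_tracer(child) < 0 || write(sync[1], "g", 1) != 1) {
        close(sync[1]);
        kill(child, SIGKILL);
        waitpid(child, NULL, 0);
        return -1;
    }
    close(sync[1]);
    while (waitpid(child, &status, 0) < 0)
        if (errno != EINTR)
            return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Async-signal-safe decimal formatting for a pid (snprintf is not safe
 * inside a signal handler). */
void pid_to_str(pid_t pid, char *out, size_t len)
{
    char tmp[24];
    size_t n = 0, i = 0;
    unsigned long v = (unsigned long)pid;
    do {
        tmp[n++] = (char)('0' + v % 10);
        v /= 10;
    } while (v != 0 && n < sizeof tmp);
    while (n > 0 && i + 1 < len)
        out[i++] = tmp[--n];
    out[i] = '\0';
}

/* SIGSEGV handler: launch a debugger (placeholder command) against our own
 * pid, declared as our tracer, and wait for it before dying. */
static void crash_handler(int sig)
{
    char pidbuf[32];
    char *argv[] = { "gdb", "-p", pidbuf, NULL };   /* hypothetical debugger */
    pid_to_str(getpid(), pidbuf, sizeof pidbuf);
    run_declared_debugger(argv);
    _exit(128 + sig);
}

int main(void)
{
    volatile int *p = NULL;
    signal(SIGSEGV, crash_handler);
    return *p;   /* deliberately crash so the handler runs */
}
```

Build with cc -o crashdemo crashdemo.c and run it; main dereferences NULL on purpose so the handler fires. With Yama present and /proc/sys/kernel/yama/ptrace_scope set to 1, the declared child may attach even though it is not an ancestor of the crashing process, while any other non-ancestor process is still refused; without Yama the declaration is skipped and the kernel's ordinary ptrace rules apply.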


