Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a warning for suid executables #295

Closed
remram44 opened this issue May 10, 2018 · 1 comment
Closed

Add a warning for suid executables #295

remram44 opened this issue May 10, 2018 · 1 comment
Assignees
@remram44
Labels
A-pr-exists Attention: This issue has an associated pull request already, that should be completed & reviewed C-tracer (C) Component: The C part of the tracer codebase (_pytracer extension) T-enhancement Type: En enhancement to existing code, or a new feature
Milestone
1.0.13

Comments

@remram44
Copy link
Member

If a process under trace exec()s a suid program, it will not get the privileges like it would if it wasn't under trace. Reprozip should warn that this happened.

This is a security feature from Linux, because the tracing process still controls the new process, and would be able to make it do whatever using its privileges.

(see also: #294)
@remram44 remram44 added T-enhancement Type: En enhancement to existing code, or a new feature C-tracer (C) Component: The C part of the tracer codebase (_pytracer extension) labels May 10, 2018
@remram44 remram44 added this to the 1.0.13 milestone May 10, 2018
@remram44 remram44 self-assigned this May 10, 2018
@remram44 remram44 mentioned this issue May 10, 2018
Merged
@remram44 remram44 added the A-pr-exists Attention: This issue has an associated pull request already, that should be completed & reviewed label May 10, 2018
@remram44
Copy link
Member Author

2cb5772 shows the path to that program

@remram44 remram44 mentioned this issue Nov 22, 2019
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@remram44 remram44

Labels
A-pr-exists Attention: This issue has an associated pull request already, that should be completed & reviewed C-tracer (C) Component: The C part of the tracer codebase (_pytracer extension) T-enhancement Type: En enhancement to existing code, or a new feature
Projects
None yet
Milestone
1.0.13
Development

No branches or pull requests
1 participant
@remram44