On 12/16/11 21:53, Freddy Spierenburg wrote:
Hi (first message) Bart-Jan and (second) Marko,
On Fri, Dec 16, 2011 at 09:32:05PM +0100, Bart-Jan Vrielink wrote:
You shouldn't be able to strace suid programs.
Please enlighten me, why not?
suid/setuid means that the program runs as another user. Being able to
trace system calls for another user is a security risk. When strace is
asked to run a setuid program, it will ignore the setuid bit, which is
not what you want.
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/4eebb135.6060...@vrielink.net
