yes, it does. On 12/16/2011 10:06 PM, frederic ollivier wrote: > sudo -s > > works ? > > > > 2011/12/16 Bart-Jan Vrielink <bart...@vrielink.net>: > >> On 12/16/11 21:53, Freddy Spierenburg wrote: >> >>> Hi (first message) Bart-Jan and (second) Marko, >>> >>> On Fri, Dec 16, 2011 at 09:32:05PM +0100, Bart-Jan Vrielink wrote: >>> >>> >>>> You shouldn't be able to strace suid programs. >>>> >>>> >>> Please enlighten me, why not? >>> >>> >> >> suid/setuid means that the program runs as another user. Being able to trace >> system calls for another user is a security risk. When strace is asked to >> run a setuid program, it will ignore the setuid bit, which is not what you >> want. >> >> >> >> -- >> To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org >> with a subject of "unsubscribe". Trouble? Contact >> listmas...@lists.debian.org >> Archive: http://lists.debian.org/4eebb135.6060...@vrielink.net >> >> > > >
-- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4eebc24f.1040...@gmail.com
