Xref: sserve comp.bugs.4bsd:1908 comp.unix.bsd:5213
Path: sserve!manuel!munnari.oz.au!spool.mu.edu!sdd.hp.com!cs.utexas.edu!sun-barr!ames!pacbell.com!rtech!usblues!tom
From: tom@usblues.rt.com (Tom Markson)
Newsgroups: comp.bugs.4bsd,comp.unix.bsd
Subject: ktrace security hole in net/2?
Message-ID: <32@usblues.UUCP>
Date: 17 Sep 92 08:49:55 GMT
Organization: /dev/null, Inc
Lines: 18

When using ktrace, I found that I could trace setuid processes even if I
don't have read permission on the binary. I am running BSDI bsd/386. I know
that in SVR4, the truss command will not allow you to trace setuid processes
due to security implications.

Is this a security hole? I ran su under ktrace and kdump happily dumped out
several encrypted user passwords for me. I was not in the "wheel" group so
the su failed, but I was still able to draw out some passwords using
ktrace/kdump.

Is the solution to check if the user invoking ktrace has "read" permission on
the file before allowing a trace? Is the SVR4 solution of disallowing the
tracing of setuid programs correct?

--
Tom Markson tom@usblues.rt.com
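The two checks the post asks about, modelled side by side as an added example (not part of the original post, and not BSD or SVR4 kernel code). The structs, function names, file modes and uids are constructed for illustration; supplementary groups are ignored and uid 0 is assumed exempt from both checks. It shows that a read-permission check and a set-id check give different answers for a constructed world-readable set-uid binary.

```c
#include <stdbool.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>

/* Hypothetical, simplified inputs to a trace-permission decision. */
struct target { mode_t mode; uid_t owner; gid_t group; };  /* the executable */
struct tracer { uid_t uid; gid_t gid; };                   /* the caller */

/* Check A: allow the trace only if the caller could read the binary. */
bool allow_if_readable(const struct tracer *t, const struct target *f)
{
    if (t->uid == 0)        return true;                  /* assumption: root exempt */
    if (t->uid == f->owner) return (f->mode & S_IRUSR) != 0;
    if (t->gid == f->group) return (f->mode & S_IRGRP) != 0;
    return (f->mode & S_IROTH) != 0;
}

/* Check B: refuse to trace set-uid or set-gid programs, as the post
 * describes for SVR4 truss. */
bool allow_unless_setid(const struct tracer *t, const struct target *f)
{
    if (t->uid == 0) return true;                         /* assumption: root exempt */
    return (f->mode & (S_ISUID | S_ISGID)) == 0;
}

int main(void)
{
    /* Constructed sample data: an unprivileged caller and three binaries. */
    struct tracer user = { 1001, 1001 };
    struct { const char *name; struct target f; } cases[] = {
        { "set-uid root, world-readable (04555)", { 04555, 0, 0 } },
        { "set-uid root, execute-only   (04111)", { 04111, 0, 0 } },
        { "ordinary binary              (00755)", { 00755, 0, 0 } },
    };

    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%s  readable-check=%s  setid-check=%s\n", cases[i].name,
               allow_if_readable(&user, &cases[i].f) ? "allow" : "deny",
               allow_unless_setid(&user, &cases[i].f) ? "allow" : "deny");
    return 0;
}
```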