ACK: [SRU Bionic/Impish 0/1] LP: #1972740 Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option

Andrea Righi andrea.righi at canonical.com
Tue May 10 06:34:39 UTC 2022


On Mon, May 09, 2022 at 09:42:50PM -0300, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> PTRACE_O_SUSPEND_SECCOMP allows CRIU to disable seccomp on a process.
> However, setting this option requires privilege when used with
> PTRACE_SETOPTIONS. However, when used with PTRACE_SEIZE, no privilege is
> required. This allows sandboxed processes to exit the sandbox if they are
> allowed to use ptrace.
> 
> [Test case]
> Run the reproducer from https://bugs.chromium.org/p/project-zero/issues/detail?id=2276.
> 
> [Potential regression]
> This may break ptrace users, especially ones using PTRACE_SEIZE or
> PTRACE_SETOPTIONS. Special attention to processes being sandboxed with
> seccomp.
> 
> [Other kernels]
> This fix is already applied on 5.15, 5.4 and 5.14 trees, and on the kernels
> in the ppa for cycle 2022.05.09. The reproducer was tested against those
> kernels in the ppas and 5.13 and 4.15 with the fix applied.
> 
> Jann Horn (1):
>   ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE

Looks good to me.

Acked-by: Andrea Righi <andrea.righi at canonical.com>


