Subject: Re: ktrace and P_SUGID
To: Jason R Thorpe <thorpej@wasabisystems.com>
From: None <itojun@iijlab.net>
List: tech-security
Date: 06/28/2002 12:46:44
> > Log Message:
> > disallow ktrace on P_SUGID.  from openbsd
>What does this actually fix?  As it is, ktrace will stop tracing when
>you exec a sugid executable, and ktrace -p to attach to an existing
>sugid process already returns "operation not permitted".

	forbids ktrace on binaries that have changed pid from root to your
	own uid, for instance, sshd in privsep jail.

itojun