4d25ac40ec
Disables setreuid() and similar calls that are disallowed by seccomp.
43 lines
1013 B
Diff
43 lines
1013 B
Diff
diff -uNr strace-4.24/strace.c strace-4.24.mod/strace.c
|
|
--- strace-4.24/strace.c 2018-07-11 03:00:57.000000000 +0300
|
|
+++ strace-4.24.mod/strace.c 2018-10-03 01:15:15.105370170 +0300
|
|
@@ -442,11 +442,7 @@
|
|
static void
|
|
swap_uid(void)
|
|
{
|
|
- int euid = geteuid(), uid = getuid();
|
|
-
|
|
- if (euid != uid && setreuid(euid, uid) < 0) {
|
|
- perror_msg_and_die("setreuid");
|
|
- }
|
|
+ return;
|
|
}
|
|
|
|
static FILE *
|
|
@@ -1182,25 +1178,6 @@
|
|
}
|
|
}
|
|
|
|
- if (username != NULL) {
|
|
- /*
|
|
- * It is important to set groups before we
|
|
- * lose privileges on setuid.
|
|
- */
|
|
- if (initgroups(username, run_gid) < 0) {
|
|
- perror_msg_and_die("initgroups");
|
|
- }
|
|
- if (setregid(run_gid, params->run_egid) < 0) {
|
|
- perror_msg_and_die("setregid");
|
|
- }
|
|
- if (setreuid(run_uid, params->run_euid) < 0) {
|
|
- perror_msg_and_die("setreuid");
|
|
- }
|
|
- } else if (geteuid() != 0)
|
|
- if (setreuid(run_uid, run_uid) < 0) {
|
|
- perror_msg_and_die("setreuid");
|
|
- }
|
|
-
|
|
if (!daemonized_tracer) {
|
|
/*
|
|
* Induce a ptrace stop. Tracer (our parent)
|