git: d952820105d6 - main - ptrace(2): Disabling: Describe influence of security.bsd.see_jail_proc
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 28 Sep 2023 15:10:58 UTC
The branch main has been updated by mhorne: URL: https://cgit.FreeBSD.org/src/commit/?id=d952820105d6a2ad87ddf3bdc6c5fc5215d13b87 commit d952820105d6a2ad87ddf3bdc6c5fc5215d13b87 Author: Olivier Certner <olce.freebsd@certner.fr> AuthorDate: 2023-08-17 23:54:48 +0000 Commit: Mitchell Horne <mhorne@FreeBSD.org> CommitDate: 2023-09-28 15:05:47 +0000 ptrace(2): Disabling: Describe influence of security.bsd.see_jail_proc Reviewed by: mhorne, emaste, pauamma_gundo.com MFC after: 2 weeks Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D41109 --- lib/libc/sys/ptrace.2 | 36 +++++++++++++++++++++--------------- 1 file changed, 21 insertions(+), 15 deletions(-) diff --git a/lib/libc/sys/ptrace.2 b/lib/libc/sys/ptrace.2 index d7d244b1d84a..ae1770315aa5 100644 --- a/lib/libc/sys/ptrace.2 +++ b/lib/libc/sys/ptrace.2 @@ -1,7 +1,7 @@ .\" $NetBSD: ptrace.2,v 1.2 1995/02/27 12:35:37 cgd Exp $ .\" .\" This file is in the public domain. -.Dd December 15, 2022 +.Dd August 18, 2023 .Dt PTRACE 2 .Os .Sh NAME @@ -149,31 +149,37 @@ its scope. The following controls are provided for this: .Bl -tag -width security.bsd.unprivileged_proc_debug .It Dv security.bsd.allow_ptrace -Setting this sysctl to zero value makes +Setting this sysctl to zero makes .Nm return .Er ENOSYS always as if the syscall is not implemented by the kernel. .It Dv security.bsd.unprivileged_proc_debug -Setting this sysctl to zero disallows use of +Setting this sysctl to zero disallows the use of .Fn ptrace by unprivileged processes. .It Dv security.bsd.see_other_uids -Setting this sysctl to zero value disallows +Setting this sysctl to zero prevents .Fn ptrace -requests from targeting processes with the real user identifier different -from the real user identifier of the caller. -The requests return -.Er ESRCH -if policy is not met. +requests from targeting processes with a real user identifier different +from the caller's. +These requests will fail with error +.Er ESRCH . .It Dv security.bsd.see_other_gids -Setting this sysctl to zero value disallows +Setting this sysctl to zero disallows .Fn ptrace -requests from process belonging to a group that is not also one of -the group of the target process. -The requests return -.Er ESRCH -if policy is not met. +requests from processes that have no groups in common with the target process, +considering their sets of real and supplementary groups. +These requests will fail with error +.Er ESRCH . +.It Dv security.bsd.see_jail_proc +Setting this sysctl to zero disallows +.Fn ptrace +requests from processes belonging to a different jail than that of the target +process, even if the requesting process' jail is an ancestor of the target +process'. +These requests will fail with error +.Er ESRCH . .It Dv securelevel and init The .Xr init 1