Andreas Kling 9bf02c32c0 Kernel: Activate SUID/SGID credentials earlier in sys$execve() ...

Switch on the new credentials before loading the new executable into
memory. This ensures that attempts to ptrace() the program from an
unprivileged process will fail.

This covers one bug that was exploited in the 2020 HXP CTF:
https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/

Thanks to yyyyyyy for finding the bug! :^)

2020-12-20 18:49:18 +01:00

25 KiB

Raw Blame History

View Raw