| Age | Commit message (Collapse) | Author | Files | Lines | |
|---|---|---|---|---|---|
| 2007-11-18 | ffix | Michael Kerrisk | 1 | -1/+1 | |
| 2007-09-20 | Fix redundant formatting macros | Michael Kerrisk | 1 | -6/+6 | |
| 2007-09-20 | Change mtk's email address | Michael Kerrisk | 1 | -3/+3 | |
| 2007-09-10 | Add text describing limit on total size of argv + evnp, | Michael Kerrisk | 1 | -1/+43 | |
| and changes that occurred with 2.6.23. Add getopt(3) to SEE ALSO list. | |||||
| 2007-07-18 | ffix | Michael Kerrisk | 1 | -7/+7 | |
| 2007-07-09 | Use 'glibc' consistently to refer to GNU C library. | Michael Kerrisk | 1 | -3/+3 | |
| 2007-07-08 | grfix | Michael Kerrisk | 1 | -2/+2 | |
| 2007-06-22 | ffix | Michael Kerrisk | 1 | -1/+2 | |
| 2007-06-21 | strip trailing white space | Michael Kerrisk | 1 | -17/+17 | |
| 2007-06-21 | Formatted signal names | Michael Kerrisk | 1 | -2/+5 | |
| 2007-06-08 | Change "e.g. " to "e.g., ", or in some cases, "for example, ". | Michael Kerrisk | 1 | -2/+2 | |
| Change "i.e. " to i.e.., ", or in some cases, "that is, ". | |||||
| 2007-06-08 | Corrected minor spelling/wording mistakes (i.e., changes | Michael Kerrisk | 1 | -1/+1 | |
| independent of fixes for American spelling). | |||||
| 2007-06-08 | Convert to American spelling conventions | Michael Kerrisk | 1 | -3/+3 | |
| 2007-06-08 | Add SEE ALSO link to new credentials.7. | Michael Kerrisk | 1 | -0/+1 | |
| 2007-06-08 | Wrap source lines at sentence breaks. | Michael Kerrisk | 1 | -2/+2 | |
| 2007-05-30 | Removed version number from .TH line | Michael Kerrisk | 1 | -1/+1 | |
| 2007-05-26 | Change reference to path_resolution.2 to path_resolutiion.7 | Michael Kerrisk | 1 | -2/+2 | |
| 2007-05-21 | ffix | Michael Kerrisk | 1 | -1/+1 | |
| 2007-05-16 | Made .SH into .SS | Michael Kerrisk | 1 | -1/+1 | |
| 2007-05-12 | Minor repairs after global edits | Michael Kerrisk | 1 | -2/+2 | |
| 2007-05-12 | Convert function formatting of the form "\fBname\fP()" to ".BR name ()". | Michael Kerrisk | 1 | -5/+11 | |
| 2007-05-11 | Add section numbers to references to other pages | Michael Kerrisk | 1 | -1/+2 | |
| 2007-05-01 | Removed some comment text about interpreter scripts, placing | Michael Kerrisk | 1 | -4/+0 | |
| it instead in Changes file. | |||||
| 2007-05-01 | hyphen --> minus | Michael Kerrisk | 1 | -1/+1 | |
| 2007-04-30 | Mention effect of MS_NOSUID mount(2) flag for set-user-ID programs. | Michael Kerrisk | 1 | -14/+36 | |
| Expanded description of handling of file descriptors during execve(), adding text to note that descriptors 0, 1, and 2 may be treated specially. | |||||
| 2007-04-30 | Added an example program. | Michael Kerrisk | 1 | -9/+167 | |
| Expanded the discussion of interpreter scripts and the 'optional-arg' argument of an interpreter script. Added text noting that FD_CLOEXEC causes record locks to be released. | |||||
| 2007-04-30 | spfix | Michael Kerrisk | 1 | -1/+1 | |
| 2007-04-30 | Add text noting that Linux allows 'argv' and 'envp' to be | Michael Kerrisk | 1 | -0/+17 | |
| NULL, but warning that this is non-standard and non-portable, and should be avoided in portable programs. Bug filed (http://bugzilla.kernel.org/show_bug.cgi?id=8408) to get this changed, but maybe that won't be done because it is an ABI change. | |||||
| 2007-04-30 | ffix | Michael Kerrisk | 1 | -3/+15 | |
| 2007-04-30 | wfix | Michael Kerrisk | 1 | -1/+1 | |
| 2007-04-12 | Wrapped long lines, wrapped at sentence boundaries; stripped trailing | Michael Kerrisk | 1 | -33/+34 | |
| white space. | |||||
| 2007-04-05 | ffix | Michael Kerrisk | 1 | -2/+0 | |
| 2006-11-26 | Elimitae duplicated text; grfix | Michael Kerrisk | 1 | -4/+1 | |
| 2006-09-13 | The PR_SET_NAME setting is not preserved across an execve(). | Michael Kerrisk | 1 | -0/+7 | |
| 2006-09-06 | s/SUID/set-user-ID/ | Michael Kerrisk | 1 | -6/+8 | |
| s/SGID/set-group-ID/ | |||||
| 2006-09-04 | Added list of process attributes that are not preserved on exec(). | Michael Kerrisk | 1 | -6/+103 | |
| 2006-09-04 | wfix/tfix | Michael Kerrisk | 1 | -1/+1 | |
| 2006-08-04 | Updated CONFOMRING TOs and/or standards references. | Michael Kerrisk | 1 | -1/+1 | |
| 2006-08-03 | Updated CONFORMING TO section | Michael Kerrisk | 1 | -5/+7 | |
| 2006-07-22 | Add text noting that effective IDs are copied to | Michael Kerrisk | 1 | -3/+11 | |
| saved set-IDs during execve(). | |||||
| 2006-04-21 | environ.5 --> environ.7 | Michael Kerrisk | 1 | -1/+1 | |
| 2006-03-07 | Added SEE ALSO pointing to new fexecve.3. | Michael Kerrisk | 1 | -0/+1 | |
| 2006-03-06 | ffix | Michael Kerrisk | 1 | -2/+3 | |
| 2005-11-08 | Improved description of E2BIG error: it relates to the sum | Michael Kerrisk | 1 | -1/+5 | |
| of the bytes in both environment and argument list. | |||||
| 2005-10-20 | Formatting fixes | Michael Kerrisk | 1 | -3/+9 | |
| 2005-10-19 | Formatting fix | Michael Kerrisk | 1 | -1/+1 | |
| 2005-10-19 | Automated unformatting of parentheses using unformat_parens.sh | Michael Kerrisk | 1 | -6/+6 | |
| 2005-07-18 | Classical BSD versions are now always named x.yBSD (formerly | Michael Kerrisk | 1 | -1/+1 | |
| there was a mix of x.yBSD and BSD x.y). | |||||
| 2005-07-18 | Consistent use of "set-user-ID" and "set-group-ID". | Michael Kerrisk | 1 | -2/+2 | |
| 2005-05-31 | Hi Andries, | Michael Kerrisk | 1 | -1/+3 | |
| > The question came up whether execve of a suid binary while being ptraced > would fail or ignore the suid part. The answer today seems to be the > latter: > > E.g. (in 2.6.11) security/dummy.c: > > static void dummy_bprm_apply_creds (struct linux_binprm *bprm, int > unsafe) > { > if (bprm->e_uid != current->uid || bprm->e_gid != current->gid) { > if ((unsafe & ~LSM_UNSAFE_PTRACE_CAP) && > !capable(CAP_SETUID)) { > bprm->e_uid = current->uid; > bprm->e_gid = current->gid; > } > } > } > > and fs/exec.c: > > void compute_creds(struct linux_binprm *bprm) { > int unsafe; > > unsafe = unsafe_exec(current); > security_bprm_apply_creds(bprm, unsafe); > } > > static inline int unsafe_exec(struct task_struct *p) { > int unsafe = 0; > if (p->ptrace & PT_PTRACED) { > if (p->ptrace & PT_PTRACE_CAP) > unsafe |= LSM_UNSAFE_PTRACE_CAP; > else > unsafe |= LSM_UNSAFE_PTRACE; > } > return unsafe; > } > > That is: if the process that calls execve() is being traced, > the LSM_UNSAFE_PTRACE bit is et in unsafe and security_bprm_apply_creds() > will make sure the suid/sgid bits are ignored. > > --- > > In my man page I do not read anything like that. It says > > EPERM The process is being traced, the user is not the superuser and > the file has an SUID or SGID bit set. > and > > If the current program is being ptraced, a SIGTRAP is sent to it after > a successful execve(). > > If the set-uid bit is set on the program file pointed to by filename > the effective user ID of the calling process is changed to that of the > owner of the program file. > > So, maybe this sentence should be amended to read > > If the set-uid bit is set on the program file pointed to by filename > and the current process is not being ptraced, the effective user ID > of the calling process is changed to ... I changed your "current" to "calling" (to be consistent with the rest of the page), but otherwise applied as you suggest. The revision will appear in man-pages-2.03, which I can release any time now. Are you avialable to do an upload tomorrow? | |||||
| 2004-11-03 | Global change of email address for MTK (now: mtk-manpages@gmx.net) | Michael Kerrisk | 1 | -1/+1 | |
| 2004-11-03 | Import of man-pages 1.70man-pages-1.70 | Michael Kerrisk | 1 | -0/+215 | |
 |
index : man-pages/man-pages.git | |
| Linux man pages Sections 2, 3, 4, 5, and 7 | Michael Timothy Kerrisk |
| aboutsummaryrefslogtreecommitdiffstats |