mirror of https://github.com/mkerrisk/man-pages
ptrace.2: Further fixes after review from Jann Horn
Reported-by: Jann Horn <jann@thejh.net> Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
a330bffa78
commit
78f0786577
|
@ -2183,12 +2183,20 @@ thread group, access is always allowed.
|
|||
.IP 2.
|
||||
If the access mode specifies
|
||||
.BR PTRACE_MODE_FSCREDS ,
|
||||
then for the check in the next step,
|
||||
employ the caller's filesystem user ID and group ID (see
|
||||
.BR credentials (7));
|
||||
otherwise (the access mode specifies
|
||||
then, for the check in the next step,
|
||||
employ the caller's filesystem UID and GID.
|
||||
(As noted in
|
||||
.BR credentials (7),
|
||||
the filesystem UID and GID almost always have the same values
|
||||
as the corresponding effective IDs.)
|
||||
|
||||
Otherwise, the access mode specifies
|
||||
.BR PTRACE_MODE_REALCREDS ,
|
||||
so) use the caller's real user ID and group ID.
|
||||
so use the caller's real UID and GID for the checks in the next step.
|
||||
(Most APIs that check the caller's UID and GID use the effective IDs.
|
||||
For historical reasons, the
|
||||
.BR PTRACE_MODE_REALCREDS
|
||||
check uses the real IDs instead.)
|
||||
.IP 3.
|
||||
Deny access if
|
||||
.I neither
|
||||
|
|
Loading…
Reference in New Issue