[openssh-commits] [openssh] 01/01: Use ptrace(PT_DENY_ATTACH, ..) on OS X.
git+noreply at mindrot.org
git+noreply at mindrot.org
Tue Nov 1 08:13:09 AEDT 2016
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit 5ee3fb5affd7646f141749483205ade5fc54adaf
Author: Darren Tucker <dtucker at zip.com.au>
Date: Tue Nov 1 08:12:33 2016 +1100
Use ptrace(PT_DENY_ATTACH, ..) on OS X.
---
configure.ac | 1 +
platform-tracing.c | 8 ++++++++
2 files changed, 9 insertions(+)
diff --git a/configure.ac b/configure.ac
index f5e1378..88c4633 100644
--- a/configure.ac
+++ b/configure.ac
@@ -405,6 +405,7 @@ AC_CHECK_HEADERS([ \
sys/poll.h \
sys/prctl.h \
sys/pstat.h \
+ sys/ptrace.h \
sys/select.h \
sys/stat.h \
sys/stream.h \
diff --git a/platform-tracing.c b/platform-tracing.c
index 81020e7..4c80a28 100644
--- a/platform-tracing.c
+++ b/platform-tracing.c
@@ -20,6 +20,9 @@
#if defined(HAVE_SYS_PRCTL_H)
#include <sys/prctl.h> /* For prctl() and PR_SET_DUMPABLE */
#endif
+#ifdef HAVE_SYS_PTRACE_H
+#include <sys/ptrace.h>
+#endif
#ifdef HAVE_PRIV_H
#include <priv.h> /* For setpflags() and __PROC_PROTECT */
#endif
@@ -40,4 +43,9 @@ platform_disable_tracing(int strict)
if (setpflags(__PROC_PROTECT, 1) != 0 && strict)
fatal("unable to make the process untraceable");
#endif
+#ifdef PT_DENY_ATTACH
+ /* Mac OS X */
+ if (ptrace(PT_DENY_ATTACH, 0, 0, 0) == -1 && strict)
+ fatal("unable to set PT_DENY_ATTACH");
+#endif
}
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list