Disable tracing on FreeBSD using procctl. (OpenSSH Portable 8.8)

mike tancsa mike at sentex.net
Fri Oct 15 21:04:21 AEDT 2021


On 10/14/2021 10:32 PM, Darren Tucker wrote:
> On Fri, 15 Oct 2021 at 13:15, mike tancsa <mike at sentex.net> wrote:
> [...]
>> OK, I think it's related to these settings. On my RELENG_13 box, if I set
>> these vals, the sftp fails
>>
>> sftp-server[22121]: fatal: unable to make the process untraceable: No
>> such process
>>
>> sysctl -w security.bsd.see_other_uids=0
>> sysctl -w security.bsd.see_other_gids=0
> The call is:
>      procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace)
>
> The second argument is PID, presumably pid 0 is an alias for its own
> pid although the man page does not mention this.  Does it work if you
> replace the 0 with getpid() ?

Thanks Darren! That seems to fix it both in my jailed instance on 
RELENG_12 as well as on a couple of RELENG_13 boxes I tested on. I 
tested with the attached diff against what was in the portable tarball. 
I am not sure whether including the pid in the fatal error message is safe 
or not, but I put it in there; it never got to that stage in my testing.

     ---Mike


-------------- next part --------------
--- platform-tracing.c  2021-09-26 10:03:19.000000000 -0400
+++ /tmp/platform-tracing.c     2021-10-15 06:00:05.606329000 -0400
@@ -15,7 +15,10 @@
  */
 
 #include "includes.h"
-
+#if defined(HAVE_PROCCTL)
+#include <string.h>
+#include <unistd.h>
+#endif
 #include <sys/types.h>
 #ifdef HAVE_SYS_PROCCTL_H
 #include <sys/procctl.h>
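Review bot: the new `#include <string.h>` and `#include <unistd.h>` are guarded by `#if defined(HAVE_PROCCTL)`, but the second hunk calls `strerror(errno)` in the prctl, setpflags and ptrace branches too, and `<errno.h>` is not added anywhere; unless includes.h already provides them, the Linux, Solaris and macOS builds will see an undeclared `strerror` or `errno`. Suggest dropping the guard and adding errno.h:
#include <errno.h>
#include <string.h>
#include <unistd.h>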
@@ -40,22 +43,25 @@
        /* On FreeBSD, we should make this process untraceable */
        int disable_trace = PROC_TRACE_CTL_DISABLE;
 
-       if (procctl(P_PID, 0, PROC_TRACE_CTL, &disable_trace) && strict)
-               fatal("unable to make the process untraceable");
+       if (procctl(P_PID, getpid(), PROC_TRACE_CTL, &disable_trace) && strict)
+               fatal("unable to make the process untraceable: %s for pid %d",
+                   strerror(errno), (int)getpid());
 #endif
 #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
        /* Disable ptrace on Linux without sgid bit */
        if (prctl(PR_SET_DUMPABLE, 0) != 0 && strict)
-               fatal("unable to make the process undumpable");
+               fatal("unable to make the process undumpable: %s",
+                   strerror(errno));
 #endif
 #if defined(HAVE_SETPFLAGS) && defined(__PROC_PROTECT)
        /* On Solaris, we should make this process untraceable */
        if (setpflags(__PROC_PROTECT, 1) != 0 && strict)
-               fatal("unable to make the process untraceable");
+               fatal("unable to make the process untraceable: %s",
+                   strerror(errno));
 #endif
 #ifdef PT_DENY_ATTACH
        /* Mac OS X */
        if (ptrace(PT_DENY_ATTACH, 0, 0, 0) == -1 && strict)
-               fatal("unable to set PT_DENY_ATTACH");
+               fatal("unable to set PT_DENY_ATTACH: %s", strerror(errno));
 #endif
 }
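Review bot: the `for pid %d` suffix on the procctl `fatal()` is redundant: the process that fails the call is the one logging, and the syslog prefix already carries its pid (the report earlier in this thread reads `sftp-server[22121]: fatal: ...`), so `(int)getpid()` in the message adds nothing and can be dropped to keep it in line with the other three branches, e.g. `fatal("unable to make the process untraceable: %s", strerror(errno));`. Replacing `0` with `getpid()` in the procctl call itself is the right change: it names the target explicitly instead of relying on pid 0 being accepted as "self", which the man page does not document and which evidently breaks with security.bsd.see_other_uids=0.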

