Avoid simple memory dumps via ptrace
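diff --git a/agent/gpg-agent.c b/agent/gpg-agent.c
index f4ed6c5c4cb06590145e7c283bc8c8fdc2b2b2b4..f5ecea544cb92f8293bdc89830fe788691d9191a 100644
--- a/agent/gpg-agent.c
+++ b/agent/gpg-agent.c
@@ -48,6 +48,9 @@
 # include <signal.h>
 #endif
 #include <npth.h>
+#ifdef HAVE_PRCTL
+# include <sys/prctl.h>
+#endif
 #define GNUPG_COMMON_NEED_AFLOCAL
 #include "agent.h"
@@ -947,6 +950,11 @@ main (int argc, char **argv )
 early_system_init ();
+#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
+ /* Disable ptrace on Linux without sgid bit */
+ prctl(PR_SET_DUMPABLE, 0);
+#endif
+
 /* Before we do anything else we save the list of currently open
 file descriptors and the signal mask. This info is required to
 do the exec call properly. */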
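Review bot: The result of `prctl(PR_SET_DUMPABLE, 0);` in main() is discarded, so if the call fails the agent carries on with the dumpable flag still set and nothing records that the hardening is absent. Consider `if (prctl (PR_SET_DUMPABLE, 0)) log_info ("can't clear the dumpable flag: %s\n", strerror (errno));`, assuming logging is usable this early in main(), whose body starts and ends outside the hunk. The comment also misstates the scope in both directions: clearing the flag additionally suppresses core dumps, and it does not restrict root or a process holding CAP_SYS_PTRACE. Something like `/* Clear the dumpable flag: no core dumps and no ptrace attach by unprivileged processes of the same user; privileged tracers are not affected. */` would set the right expectation for the next reader.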