ptrace problem - confounded, dazed and confused at the inconsistencies

ptrace problem - confounded, dazed and confused at the inconsistencies

Shachar Shemesh shachar at shemesh.biz
Wed Oct 27 17:52:26 IST 2010 

On 27/10/10 15:40, shimi wrote:
>
>
> On Wed, Oct 27, 2010 at 3:38 PM, shimi <linux-il at shimi.net 
> <mailto:linux-il at shimi.net>> wrote:
>
>     On Wed, Oct 27, 2010 at 2:07 PM, Shachar Shemesh
>     <shachar at shemesh.biz <mailto:shachar at shemesh.biz>> wrote:
>
>
>         For threads, there is a strange set of events taking place.
>         Both for strace and for fakeroot-ng, the clone system call
>         gets modified. For both, the new thread created has the same
>         debugger as the parent. For strace, the debugger runs "wait",
>         receives the child's pid, and handles it accordingly. For
>         fakeroot-ng, "wait" never reports the child.
>
>         Running strace on the debugger shows that the exact same
>         ptrace commands are sent. I will happily send them to anyone
>         who wishes to have a look.
>
>         How can two programs do the same thing on the same system, and
>         yet get such different results?
>
>     Not that I am an expert in this (I wouldn't even say I am novice
>     ;) just a simple many-years-strace-user...), I am really guessing
>     here and may be saying complete nonsense :)
>
>     ...But perhaprs it's related to the fact that in your
>     implementation they (the tracer and the tracee) both run on
>     different UIDs (with the tracing process trying to trace a process
>     that runs by a different user [which btw is 'more powerful']) and
>     that's sort of a security feature?
>
>
> (by "running on different UIDs" I of course mean "think that they are 
> [running on...])
>
Last I checked, the kernel didn't care what two user space programs do 
to each other. As far as the kernel is concerned, all processes are of 
the same UID (which is the whole point of fakeroot, and, by extension, 
fakeroot-ng).

Shachar


-- 
Shachar Shemesh
Lingnu Open Source Consulting Ltd.
http://www.lingnu.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20101027/aabe4140/attachment.html>

More information about the Linux-il mailing list