Hi,
I have a program that starts as root and changes uid/gid to a non-root
user on linux. I'd like to run strace -p on that process as non-root
but I do only get ptrace(PTRACE_ATTACH, ...): Operation not
permitted. I can send kill to that program though as that non-root user.
Anybody care to explain what magic is neccessary for a root program to
reduce priv level so that an unpriv process can strace -p that program:
Attach is a small program that changes uid from root to "news".
Try to strace that program in another window:
## in window 1
echo '
#include <sys/types.h>
#include <unistd.h>
#define UID 9
int main(char **argv, int argc) {
setresgid(UID, UID, UID);
gid_t list[2];
list[0] = UID;
list[1] = 0;
setgroups(1, list);
setresuid(UID, UID, UID);
while (1) {
sleep(1);
write(1, "hello\n", 6);
}
return 1;
}
' > /tmp/ffo.c
gcc -o /tmp/ffo /tmp/ffo.c
super sh
/tmp/ffo
## in window 2
su news
strace -p $(ps -ef | grep ffo | grep -v grep | awk '{print $2}')
attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted
## kill is ok though
kill $(ps -ef | grep ffo | grep -v grep | awk '{print $2}')
--
Kind regards,
Ole Bjorn Hessen.
Telenor
----------
--
To unsubscribe from this list: send the line "unsubscribe linux-c-programming" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
