On Wed, Oct 7, 2009 at 11:35 AM, Gaurav Aggarwal <grv.aggarwal@xxxxxxxxx> wrote:
GDB doesn't implement the debugging mechanisms itself. It uses the ptrace system call which has been engineered to facilitate debugging. To attach to an already running process ptrace is passed PTRACE_ATTACH as the argument along with pid of the process to be attached to.
A normal user cannot just peek into another user's process by doing a ptrace because, the usual user permission restrictions apply. Thus the violation you refer to does not actually happen.
HTH.
Folks CMIIW.
- P
Hey All,
I do have a doubt not exactly on the kernel side but how exactly the 'gdb attach' command works? Isn't this violates the OS 'memory protection' objective of prevent a process from accessing memory that has not been allocated to it and hence to interfere with other processes memory space?
GDB doesn't implement the debugging mechanisms itself. It uses the ptrace system call which has been engineered to facilitate debugging. To attach to an already running process ptrace is passed PTRACE_ATTACH as the argument along with pid of the process to be attached to.
A normal user cannot just peek into another user's process by doing a ptrace because, the usual user permission restrictions apply. Thus the violation you refer to does not actually happen.
HTH.
Folks CMIIW.
- P
