On Thu, Apr 07, 2005 at 06:55:57PM +0300, Shachar Shemesh wrote: > Yedidyah Bar-David wrote: > > >If you do, note you can't strace a suid exec. To do this, strace -p > >as root. > > > > > From the strace man page: > If strace is installed setuid to root then the invoking user > will be able to attach to and trace pro- > cesses owned by any user. In addition setuid and setgid programs > will be executed and traced with the > correct effective privileges. > > So there is a solution. If you want to use this solution, please do read > the rest of that section at the strace man page, as creating an insecure > setup using this feature is amazingly easy.
Indeed. That's why I usually simply attach with -p. Note that if you try a non-suid strace with something like (as root) # strace -f -o out1 su - user -c command where command eventually runs a suid exec, it won't work well. At least it was so the last time I tried. I am not sure this is a bug, though. -- Didi ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
