>Certainly ptrace has been used to both trace and modify running >binaries, by gdb, strace, dumpmem[1], memfetch[2] and others.
You forgot system call tracker hijacking. DS On Jan 17, 2008 1:08 PM, Muli Ben-Yehuda <[EMAIL PROTECTED]> wrote: > On Thu, Jan 17, 2008 at 12:45:10PM +0200, Shachar Shemesh wrote: > > > Fakeroot-ng is a (as far as I know) first attempt to do the things > > usually done with LD_PRELOAD using the ptrace mechanism. It was both > > the trigger and the root cause of this lecture. > > Not sure what you mean by "things usually done with LD_PRELOAD?" > Certainly ptrace has been used to both trace and modify running > binaries, by gdb, strace, dumpmem[1], memfetch[2] and others. I think > I even gave a haifux talk on run-time modification of programs using > ptrace for fun an profit a few years ago. > > > The lecture will look at fakeroot, fakechroot, fakeroot-ng and > > strace, at varying degrees of depths, mostly because all four chose > > slightly different approaches for solving, fundamentally, the same > > problem. > > They did? > > Sounds like an interesting talk, will try to attend. > > [1] http://www.mulix.org/dumpmem.html > [2] http://lcamtuf.coredump.cx/soft/memfetch.tgz > > Cheers, > Muli > > _______________________________________________ > Haifux mailing list > [EMAIL PROTECTED] > http://hamakor.org.il/cgi-bin/mailman/listinfo/haifux > ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
