On Thu, 06 Dec 2001, Keith Warno wrote:
> Hmm. Is strace supposed to be capable of tracing setuid programs (ie,
> su) when executed by mortal users? I always thought this was a big
> no-no.
Seems to me it drops permissions instead of not allowing the trace.
--- 8< --- cut here --- 8< ---
dmg@jolt:[pts/4]:~$ cat euid.c
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
int main() { printf("euid=%d\n", geteuid()); }
dmg@jolt:[pts/4]:~$ ls -l ./euid
-rwsr-sr-x 1 root root 5039 Dec 6 01:46 ./euid
dmg@jolt:[pts/4]:~$ ./euid
euid=0
dmg@jolt:[pts/4]:~$ strace -o /dev/null ./euid
euid=1000
dmg@jolt:[pts/4]:~$
--- 8< --- cut here --- 8< ---
Damian
--
Damian Gryski ==> dgryski@uwaterloo.ca | Linux, the choice of a GNU generation
512 pt Hacker Test score = 37% | 500 pt Nerd Test score = 56%
geek / linux zealot / coder / juggler
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Dec 07 2001 - 21:00:32 EST