|
我有以下代码.它只是调用ptrace(PTRACE_TRACEME)然后进入无限循环.
我有两个问题.
1. after executing this binary,I can't attach gdb even if I am root.
2. with ptrace(PTRACE_TRACEME),I can't terminate the process with Ctrl-C (SIGINT). it simply stops.
能有人解释我的原因吗?
先感谢您.
PS.我知道大多数调试器会分叉子,并在’execve()之前调用ptrace(PTRACE_TRACEME)’.没必要提醒我这个.
#include <sys/ptrace.h>
#include <sys/reg.h>
#include <sys/wait.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>
int main(int argc,char **argv) {
printf("my pid : %dn",getpid());
ptrace(PTRACE_TRACEME);
while(1){
printf("euid : %dn",geteuid());
sleep(2);
}
return 0;
}
解决方法
after executing this binary,I can’t attach gdb even if I am root.
来自man ptrace:
ERRORS
EPERM The specified process cannot be traced. This could be
because the parent has insufficient privileges (the required
capability is CAP_SYS_PTRACE); non-root processes cannot trace
processes that they cannot send signals to or those running
set-user-ID/set- group-ID programs,for obvious reasons.
Alternatively,the process may already be being traced,or be init(8) (PID 1).
with ptrace(PTRACE_TRACEME),I can’t terminate the process with Ctrl-C (SIGINT). it simply stops.
来自man ptrace:
DESCRIPTION
While being traced,the child will stop each time a signal is
delivered,even if the signal is being ignored. (The exception is SIGKILL,which has its usual effect.) The parent will be notified at its next wait(2) and may inspect and modify the child process while it is stopped. The parent then causes the child to continue,optionally ignoring the delivered signal (or even delivering a different signal instead).
(编辑:云计算网_泰州站长网)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
浙公网安备 33038102330476号