This is the mail archive of the gdb@sourceware.org mailing list for the GDB project.
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
| Other format: | [Raw text] | |
Hi Tavis > The short answer is no, any tricks you attempt to use to prevent > ptrace() can be defeated (some more easily than others), however if you > explain what the "troubles" are there may be a better solution. > damn ;) Ok here is what I am planing: I have an application, lets say a simple text editor, that is used to read/write sensitive information. Now I start gdb, attach it to the process and call "gcore" which - for my understanding - dumps the entire memory of the process to a file. So the core dump reveals my secret data. What I want to do is, to either prevent gdb from attaching and capturing the memory or at least find a way to recognize when a program attaches another. I am a noob regarding the internal system structure, so I dont know exactly what gdb does to attach to a program, but I guess there is a syscall or similar that is used to pass the memory location to gdb and if I block/supervise that, I might find a way around.... Oliver -- Protect your environment - close windows and adopt a penguin! PGP-Key: 3B2C 8095 A7DF 8BB5 2CFF 8168 CAB7 B0DD 3985 1721
Attachment:
signature.asc
Description: OpenPGP digital signature
| Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
|---|---|---|
| Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |