This is the mail archive of the
mailing list for the elfutils project.
Re: Trying not call elfutils functions in ABRT under root
- From: Mark Wielaard <mjw at redhat dot com>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Wed, 30 Nov 2016 12:08:56 +0100
- Subject: Re: Trying not call elfutils functions in ABRT under root
On Wed, 2016-11-30 at 08:00 +0000, Adam Sulc wrote:
> im using elfutils in ABRT program specifically when generating
> core_backtrace. According to this
> https://github.com/abrt/abrt/issues/890 post, it is not a good idea
> using elfutils under root. So I have tried moving as much elfutils
> function calls to non-root process as possible. That means the parent
> process is forked and in child process there are opened necessary
> Is there any way how I can pass the opened files to elfutils
> functions? Especially for "/etc/[tid]/mem" which is needed in
> dwfl_linux_proc_find_elf that is part of Dwfl_Callbacks proc_cb ?
You wrote /etc, but I assume you meant /proc files.
Instead of using dwfl_linux_proc_report you can use
dwfl_linux_proc_maps_report which you can pass a file. But some of the
other proc files might be opened by the library itself if necessary when
working on an running process. If you change the UID to the user running
that process you should still be able to open those files.
Alternatively if you ptace attach to that process before dropping
privileges the library should be able to access those (in theory, I
didn't actually try that myself - you might be able to just run
dwfl_linux_proc_attach as root, or maybe do the ptrace attach by hand
and stop the thread under inspection before dropping privileges and call
dwfl_linux_proc_attach with assume_ptrace_stopped = true).