This is the mail archive of the mailing list for the elfutils project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Trying not call elfutils functions in ABRT under root

On Thu, 2016-12-01 at 20:44 +0000, Adam Sulc wrote:
> Ptrace process before dropping privileges does not allow me to traverse mem files. Still problem persists>

OK. Do you have a code example and what errors you get?


That is an asprintf call. If that fails that indicates some memory
allocation issue, not an error accessing files.

BTW. Is that a fork of elfutils?
What kind of changes did you make to it?

> How to pass the "/proc/[tid]/mem" file opened under root to
> dwfl_linux_proc_find_elf in order to traverse this file after dropping
> the privileges.

You cannot easily unless you write your own Dwfl_Callbacks.find_elf
handler. I assumed that if you were ptrace attached already you would be
able to access that file. Apparently not. Do you get the same issue if
you drop privileges to the uid of the process you are inspecting?

Note that this code path should only be called if the ELF module
couldn't be found on the file system. In that case it will try to slurp
it from the process memory. If you could provide an example of what kind
of setup you have, what callbacks you installed and the proc files in
question that would be helpful to see what is going on.



Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]