This is the mail archive of the
mailing list for the elfutils project.
Re: Trying not call elfutils functions in ABRT under root
- From: Mark Wielaard <mjw at redhat dot com>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Fri, 02 Dec 2016 00:20:18 +0100
- Subject: Re: Trying not call elfutils functions in ABRT under root
On Thu, 2016-12-01 at 20:44 +0000, Adam Sulc wrote:
> Ptrace process before dropping privileges does not allow me to traverse mem files. Still problem persists>
OK. Do you have a code example and what errors you get?
That is an asprintf call. If that fails that indicates some memory
allocation issue, not an error accessing files.
BTW. Is that a fork of elfutils?
What kind of changes did you make to it?
> How to pass the "/proc/[tid]/mem" file opened under root to
> dwfl_linux_proc_find_elf in order to traverse this file after dropping
> the privileges.
You cannot easily unless you write your own Dwfl_Callbacks.find_elf
handler. I assumed that if you were ptrace attached already you would be
able to access that file. Apparently not. Do you get the same issue if
you drop privileges to the uid of the process you are inspecting?
Note that this code path should only be called if the ELF module
couldn't be found on the file system. In that case it will try to slurp
it from the process memory. If you could provide an example of what kind
of setup you have, what callbacks you installed and the proc files in
question that would be helpful to see what is going on.