don't run elfutils as root in ABRT

Adam Šulc
Mon May 8 08:38:00 GMT 2017


I work on ABRT improvement in order to increase security related to
core backtrace generating using elfutils library.
Here is a short description of my problem:

Goal is to not call base code in elfutils and gdb functions under root.
If you are more interested you can read more there:

We need root for opening /proc files only.
First, we open these files under root,
then we drop capabilities & privileges and finally, we generate core_backtrace.

We have one problem that still persists, we need to pass the opened
/proc/[tid]/mem file to this function:
Because this function opens the /proc/[tid]/mem file itself, thus it
is hard coded and we cannot pass our /proc/[tid]/mem file pointer:
So we dont know how to pass the opened file to this function.

Do you have any idea how to pass the open file descriptor into the
function? Or what is the best way how to achieve this?

Thank you

More information about the Elfutils-devel mailing list