On Thu, Dec 06, 2001 at 01:09:02AM -0500, Keith Warno wrote:
> Hmm. Is strace supposed to be capable of tracing setuid programs (ie,
> su) when executed by mortal users? I always thought this was a big
> no-no.
>
You can trace them, but strace will ignore the setuid bit on the process,
for example if you strace su, you will see a lot of permission denied, as
it won't actually run as root, and won't be able to open things like
/etc/shadow or /proc/self/fd/0. If you want to strace setuid things and
have the setuid bit honored, you have to run strace as root with the -u
option.
-- Jason Kohles jkohles@redhat.com Senior System Architect (703)786-8036 (cellular) Red Hat Professional Consulting (703)456-2940 (office) - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Dec 07 2001 - 21:00:33 EST