It can be slow-ish for generic usage though. When a program ptrace's
another, every system call the victim program makes must go through the
tracer, which must do further system calls to access the parameters.
That's a lot of extra context switches.
I'd say that, in many (but not all!) cases, interposition at the library
level (with LD_LIBRARY_PATH or LD_PRELOAD) is faster and more convenient
than ptrace.
> There is another solution that is used by the iBCS2
> kernel-module, a separate system call entry. So you can 'proxy' a system
> call in an arbitrary way.
More generally, the module API has a generic way to hook system calls.
-- Roger Espel Llima, espel@llaic.u-clermont1.fr http://www.eleves.ens.fr:8080/home/espel/index.html- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/