This is the mail archive of the
gdb@sourceware.org
mailing list for the GDB project.
Re: unable to attach to setuid program that as reverted it privilege
Andreas,
works great.
Here are a few notes in case someone else has this same problem....
To turn this on, do this:
1) log in as root
2) echo 2 >/proc/sys/kernel/suid_dumpable
To turn this off, do this:
1) log in as root
2) echo 0 >/proc/sys/kernel/suid_dumpable
On some systems the target file might be in /proc/sys/fs
It will not work to just use sudo in front of echo. You must log in
as root because the redirection has the user's privilege.
I do not know what echo 1 would do.
This is documented as allowing core files to be created for setuid
programs. What I am using it for is to allow gdb run as a non-root
user to connect to setuid programs that have _permanently_ given up
their root privilege. Without suid_dumpable enabled, gdb will fail
with a EPERM error even tho the target program is no longer running as
root and can not reacquire root privilege ( a good default behavior ).
This will work fine for my needs, but I would prefer finer grained control.
that is:
1) separate attaching and core dumping.
2) don't turn on this feature for _all_ processes, just select processes.
This should only be used in a controlled environment because of the
security issues.
Because this turns on core dumping it would be prudent to also look
into /proc/sys/kernel/core_pattern to prevent name collision when core
dumps are created.
--
Michael Potter
On Jan 23, 2008 2:42 PM, Andreas Schwab <schwab@suse.de> wrote:
> "Michael Potter" <pottmi@gmail.com> writes:
>
> > I will post to a Linux kernel list in a couple of days. I posted here
> > because I felt that I was likely to find someone who had the same
> > problem in this group.
>
> /proc/sys/kernel/suid_dumpable might be what you are looking for.
>
> Andreas.
>
> --
> Andreas Schwab, SuSE Labs, schwab@suse.de
> SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
> PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
> "And now for something completely different."
>