Re: Q on audit, audit-syscall

> On Apr 5, 2006, at 08:06:30, Herbert Rosmanith wrote:
> >> On Wed, Apr 05, 2006 at 01:27:03PM +0200, Herbert Rosmanith wrote:
> >>>
> >>> good afternoon,
> >>>
> >>> I'm searching for a way to trace/intercept syscalls, both before  
> >>> and after execution. "ptrace" is not an option (you probably know  
> >>> why).
> >>
> >> Does strace do what you are asking for?
> >
> > as I said, "ptrace" is not an option.
> 
> Why not, exactly?  (No, we don't know why).

according to the man-page:

RETURN VALUES
     EPERM   The specified process [...] is already being traced.

this makes it unusable for me.

> ptrace is _the_ Linux mechanism to trace and intercept syscalls.
>
> There is no other way.

"there is no other way": [1,2,3,4]

regards,
h.rosmanith

[1] http://www.uniforum.chi.il.us/slides/HardeningLinux/LAuS-Design.pdf
[2] http://www.usenix.org/publications/library/proceedings/als01/full_papers/edwards/edwards.pdf
[3] http://www.citi.umich.edu/u/provos/papers/systrace.pdf
[4] http://www.nsa.gov/selinux/papers/freenix01.pdf