Linux ptrace TRACEME call effect

I have the following code. It just calls ptrace(PTRACE_TRACEME), then goes into an infinite loop. I have two questions.

1. After executing this binary, I can't attach gdb even if I am root.

2. With ptrace(PTRACE_TRACEME), I can't terminate the process with Ctrl-C (SIGINT). It simply stops.

Can someone explain the reason to me? Thanks in advance. P.S. I know that most debuggers fork a child and call ptrace(PTRACE_TRACEME) 'before' execve(). No need to remind me of that.

#include <sys/ptrace.h>
#include <sys/reg.h>
#include <sys/wait.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <errno.h>
#include <string.h>

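int main(int argc, char **argv) {
    printf("my pid : %d\n", getpid());

    /* Ask to be traced by our parent; pid, addr and data are ignored for this request. */
    if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
        perror("ptrace(PTRACE_TRACEME)");

    /* Loop forever so the process can be inspected from outside. */
    while (1) {
        printf("euid : %d\n", geteuid());
        sleep(2);
    }
    return 0;
}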
+4
2 answers

after executing this binary, I cannot attach gdb even if I am root.

From man ptrace:

ERRORS

EPERM . ( - CAP_SYS_PTRACE); root , set-user-ID/set-group-ID . init (8) (PID 1).


ptrace (PTRACE_TRACEME), Ctrl-C (SIGINT). .

man ptrace:

, , . ( SIGKILL, .) (2) . , ( ).

+2

, PTRACE_TRACEME, (, bash) - bash, ptrace .

, bash , strace ptrace .

(bash), , strace ( ). , , bash , (bash). , bash , ptrace .

0
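Both symptoms from the question can be reproduced in one small program. This is an added example, not code from the original post or its answers: `demo` and `struct result` are hypothetical names, the explicit `fork()` stands in for the shell that launched the binary, and `raise(SIGINT)` stands in for Ctrl-C.

```c
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical result type for this demo. */
struct result { int stop_sig; int attach_errno; };

struct result demo(void) {
    struct result r = { -1, 0 };
    int status;

    pid_t tracee = fork();
    if (tracee < 0) return r;
    if (tracee == 0) {
        ptrace(PTRACE_TRACEME, 0, NULL, NULL); /* our parent is now the tracer */
        raise(SIGINT);                         /* stands in for Ctrl-C */
        _exit(0); /* only reached if the tracer resumes us without the signal */
    }

    /* SIGINT is not delivered. The tracee enters a signal-delivery-stop and
     * the tracer learns about it through waitpid(). A shell that never
     * resumes the tracee leaves it stopped, as in the question. */
    waitpid(tracee, &status, 0);
    if (WIFSTOPPED(status)) r.stop_sig = WSTOPSIG(status);

    /* A second would-be debugger: PTRACE_ATTACH on an already traced
     * process fails, and the errno is passed back as the exit status. */
    pid_t second = fork();
    if (second == 0) {
        long rc = ptrace(PTRACE_ATTACH, tracee, NULL, NULL);
        _exit(rc == -1 ? errno : 0);
    }
    waitpid(second, &status, 0);
    r.attach_errno = WEXITSTATUS(status);

    kill(tracee, SIGKILL);   /* SIGKILL is the one signal that is not intercepted */
    waitpid(tracee, NULL, 0);
    return r;
}

int main(void) {
    struct result r = demo();
    printf("tracee stopped on signal %d, second attach errno %d (EPERM is %d)\n",
           r.stop_sig, r.attach_errno, EPERM);
    return 0;
}
```

On systems where the Yama `ptrace_scope` setting restricts attaching to descendants, the second attach is refused with `EPERM` for that reason as well.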

Source: https://habr.com/ru/post/1545571/

