[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Using sgid binaries to defend against LD_PRELOAD/ptrace()

On Fri, Dec 07, 2007 at 07:18:11PM +0100, Martin Pitt wrote:
> However, a lot of programs that we have deal with passwords and other
> secrets which deserve some protection, like passwords you type into
> ssh, screensavers, seahorse, etc.

While I sort of like the idea, I must admit that if I couldn't debug various
programs without being root on a system, I would get rather mad at times.
strace, in particular, is an extremely useful debugging tool when a program
doesn't have verbose enough logging, and having such a mechanism without a
way to turn it off (short of creating your own binary, I guess?) would be
quite a pain.

FWIW, in Windows you need to be part of the "Debugger Users" group to debug
anything, which means in practice that most developers run as administrator
all the time (which means that a lot of software is only ever tested as
administrator and thus doesn't run without administrator privileges :-) ).

/* Steinar */
Homepage: http://www.sesse.net/

Reply to: