[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Verifying dep-5

On May 28 2016, Johannes Schauer <josch@debian.org> wrote:
> Hi,
>
> Quoting Paul Wise (2016-05-28 06:45:44)
>> I think it would be interesting to automatically track how each file
>> in a binary package was created and which files they were derived
>> from. Then we could automatically generate proper copyright files for
>> binary packages. That is a hard project so...
>
> I was investigating this problem last year and as far as my research went,
> there is no tracing method in existence which reliably traces system calls in
> general, file system access or read/write operations while keeping track of the
> acting pid that is 100% reliable. The methods I found either were not
> transparent (and would thus break test suites) or suffered from race conditions
> where it was possible to register an operation but miss the pid the operation
> was carried out by or dropped operations if they occurred with a too-high
> frequency...

Did you write down your findings in some more detail somewhere? I'd be
curious why e.g. a LD_PRELOAD based wrapper would not work for all
important cases.

Or are we assuming that the application is actively trying to prevent
this (and e.g. does system calls directly on its own)?


Best,
Nikolaus

-- 
GPG encrypted emails preferred. Key id: 0xD113FCAC3C4E599F
Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F

             »Time flies like an arrow, fruit flies like a Banana.«
Reply to: