On 12/16/11 21:53, Freddy Spierenburg wrote:
> Hi (first message) Bart-Jan and (second) Marko,
>
> On Fri, Dec 16, 2011 at 09:32:05PM +0100, Bart-Jan Vrielink wrote:
>> You shouldn't be able to strace suid programs.
>
> Please enlighten me, why not?

suid/setuid means that the program runs as another user. Being able to trace system calls for another user is a security risk. When strace is asked to run a setuid program, it will ignore the setuid bit, which is not what you want.