开发者

How do I get a coredump from a setcap executable?

问答 作者:

To prevent the escape of privileged data, setcap executables on Linux don't dump core:

ijw@build$ cat > test.c
main() { abort(); }
ijw@build$ gcc test.c
test.c: In function ‘main’:
test.c:1: warning: incompatible implicit declaration of built-in function ‘abort’
ijw@build$ ./a.out 
Aborted (core dumped)
ijw@build$ sudo setcap "cap_net_admin=+ep" a.out                 
ijw@build$ ./a.out 
Aborted

Is there any way to enable it when you're debugging and actually want to see the co开发者_StackOverflowre file?

I have two answers after more research.

  1. You can change the system behaviour in its entirety. This isn't really suitable beyond a one user development machine but it does the trick:

    echo 1 > /proc/sys/fs/suid_dumpable

    Tested, works.

  2. You can change the behaviour of the specific program by calling prctl() in it:

    prctl(PR_SET_DUMPABLE, 1);

    In this way, the privileged program determines for itself that it should be dumpable, and the system as a whole is not affected.

    I've not tried this one.

继续阅读:debuggingelevated-privilegesprivileges

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9