I've noticed a few side-effects of using ptrace patch on Linux 2.4.x
(2.4.18 and 2.4.20 tested, with patch from
http://www.hardrock.org/kernel/2.4.20/linux-2.4.20-ptrace.patch; ptrace
changes in 2.4.21-pre6 look the same, so I expect the same side-effects
in 2.4.21-pre6).
Most of these problems already were mentioned here, but I couldn't find
proper ptrace patch or any set of fixes which could resolve all problems.
Is there any now?
Summarizing: for some processes (like apache, postfix... generally those
which were started with uid=0 and dropped some privileges on startup?):
- /proc/PID/cmdline and /proc/PID/environ are empty (ps displays those
processes in [] brackets, like swapped out); I saw a patch on
LKML, but it enabled this data only for root; previous behaviour
was to allow reading cmdline for all users (blocking it can break some
monitoring systems)
- *trace commands (using ptrace syscall) on such processes don't work
from root account - e.g. strace on httpd shows only:
trace: ptrace(PTRACE_SYSCALL, ...): Operation not permitted
and leaves stopped process (kill -CONT must be used to start it again)
PS. please Cc comments to me. Thanks.
-- Jakub Bogusz http://cyber.cs.net.pl/~qboosh/ PLD Linux http://www.pld.org.pl/ - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/