tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Silly question about ktrace(1) and non-root users



        Hello.  I'm sure this is a pilot error question, but I'm wondering if
someone can enlighten me as to why the behavior I'm seeing is happening.
It's not obvious to me,  but I'm sure I'm missing something obvious.
        My understanding of ktrace(1) and the associated ktrace(2) call is
that non-root users are permitted to ktrace their own processes.  That is,
if a process is running as user buhrow, for example, then user buhrow ought
to be able to ktrace that process.
        What I'm seeing is that this works as long as the process being trace
was started from the current shell.  However, if I try to ktrace(1) a
process that appears to be owned by me, but was started by some other root
process, like inetd, or sshd, for example, then I get an operation not
permitted.  For exammple, I tried to do a ktrace(1) on one of the sshd
processes that's running as me, user buhrow, on one of my machines.  Here's
what I get.


Script started on Mon Jun 20 12:28:20 2011
%ps -uw28755
USER     PID %CPU %MEM VSZ RSS TTY STAT STARTED    TIME COMMAND
buhrow 28755  0.1  0.0 408 932 ?   S    24May11 0:03.27 sshd: buhrow@ttyp2 
%whoami
buhrow
%ktrace -p 28755
ktrace: file ktrace.out, pid 28755: Operation not permitted
%exit
Script done on Mon Jun 20 12:29:06 2011

I don't think this is a bug as it behaves this way on NetBS-3.x, 4.x and
5.x.  Can anyone provide clue?
-thanks
-Brian


Home | Main Index | Thread Index | Old Index