Create a hello world binary.
Give it linux capabilities e.g. with setcap command.
valgrind the binary with caps.
It will fail.:
#include <stdio.h>
int main() { printf("Hello.\n"); return 0; }
user@devuan:~/test3$ gcc main.c
user@devuan:~/test3$ sudo su
root@devuan:/home/user/test3# setcap "cap_net_admin+eip" ./a.out
root@devuan:/home/user/test3# exit
exit
user@devuan:~/test3$ valgrind ./a.out
==19376==
==19376== Warning: Can't execute setuid/setgid/setcap executable: ./a.out
==19376== Possible workaround: remove --trace-children=yes, if in effect
==19376==
valgrind: ./a.out: Permission denied
Even root can't valgrind it:
user@devuan:~/test3$ sudo valgrind ./a.out
==19385==
==19385== Warning: Can't execute setuid/setgid/setcap executable: ./a.out
==19385== Possible workaround: remove --trace-children=yes, if in effect
==19385==
valgrind: ./a.out: Permission denied
So how to?
Afair I tried also giving SUID flags, and all CAPs to valgrind* and it's /lib/
binaries and all, but nothing worked.
Is it required to hack the kernel to remove this restriction?
What is the root cause?
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Valgrind-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/valgrind-users
