Process Debugging questions
Robert Watson
rwatson at FreeBSD.org
Sun Nov 12 00:20:15 UTC 2006
On Sun, 12 Nov 2006, trowa-4 wrote:
> FreeBSD provides the ptrace system call for controlling and debugging the
> execution of a process.
>
> An alternative to the ptrace system call is the /proc filesystem. The
> functionality provided by the /proc filesystem is the same as that provided
> by ptrace; if differs only in its interface.
>
> Are there having a better method or other method?
Historically, procfs has been a major source of security vulnerabilities for
all major UNIX platforms that have used it. Since it largely duplicates the
functionality of ptrace(), it is now disabled by default. However, there is
some functionality only present in procfs that leads people to enable it in
some situations. My advice is to use ptrace() if you can do everything you
need with it, but otherwise consider using procfs.
Robert N M Watson
Computer Laboratory
University of Cambridge
More information about the freebsd-hackers
mailing list