Bugtraq mailing list archives
Re: strace can lie
From: pavel () UCW CZ (Pavel Machek)
Date: Sat, 1 Jan 2000 21:26:17 +0100
Hi!
When you see snippet from strace, that says: open("/etc/passwd", O_RDONLY) = 3 Do you trust it? You should not.I'm not sure what your point is, really. strace shows that /etc/passwd got opened successfully and returned file descriptor 3. If the open() failed, you'd see -1 as the return value.
I'm pointing out that application could have _any other_ file opened. Name is not to be trusted because it could have changed between strace printing it and kernel doing the syscall.
What's deceptive about strace?
That it is not safe w.r.t. races. -- I'm pavel () ucw cz. "In my country we have almost anarchy and I don't care." Panos Katsaloulis describing me w.r.t. patents me at discuss () linmodems org
Current thread:
- Re: strace can lie Pavel Machek (Dec 28)
- <Possible follow-ups>
- Re: strace can lie Pavel Machek (Jan 01)