Vulnerability Development mailing list archives

Re: Capturing System Calls


From: goat () STYLISHPANTS ORG (Steve Mosher)
Date: Thu, 22 Jun 2000 14:12:29 -0300


        Yep. 'strace' is quite standard with Linux at least. You can use
it to start the process, or you can sic it on a currently running process
if you like (with -p <pid>). Quite nice... quite invaluable. You can't
modify the calls though...

On Thu, 22 Jun 2000, Green Charles Contr AFRL/IFGB wrote:
On UNIX Systems, (FreeBSD, Linux, Solaris) is there a way to capture/modify
system calls from an application without modifying the kernel (or
using kernel modules) - preferably in userspace? The reason I ask is that a
group of us are being asked to evaluate a piece of software for my company
but they've put some heavy restrictions on how we do it. One of the
restrictions is that we're not allowed to modify the kernel.

--
Shop smart, shop S-Mart!
        - Ash
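
An added example, not part of the original post: once strace has recorded a run of the software under evaluation (started under it, or attached with -p <pid>), the trace can be summarized for review. The trace text, the file name trace.txt and every path, PID and address below are constructed for illustration.

```python
import re
from collections import defaultdict
# Constructed sample in the format written by `strace -f -o trace.txt <program>`
# (or `strace -f -o trace.txt -p <pid>`); paths, PIDs and addresses are made up.
SAMPLE = """\
4120  execve("/opt/vendor/tool", ["tool"], 0x7ffc2a10 /* 18 vars */) = 0
4120  openat(AT_FDCWD, "/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
4120  openat(AT_FDCWD, "/etc/shadow", O_RDONLY) = -1 EACCES (Permission denied)
4120  read(3,  <unfinished ...>
4121  execve("/bin/sh", ["sh", "-c", "id"], 0x7ffc2a10 /* 18 vars */) = 0
4120  <... read resumed>"root:x:0:0", 4096) = 10
4120  connect(4, {sa_family=AF_INET, sin_port=htons(443), sin_addr=inet_addr("192.0.2.10")}, 16) = 0
4121  +++ exited with 0 +++
"""

CALL = re.compile(r'^(?P<pid>\d+)\s+(?P<name>\w+)\((?P<args>.*)\)\s+= '
                  r'(?P<ret>0x[0-9a-f]+|-?\d+|\?)(?: (?P<errno>E[A-Z]+))?')
UNFINISHED = re.compile(r'^(\d+)\s+(\w+\(.*?)\s*<unfinished \.\.\.>$')
RESUMED = re.compile(r'^(\d+)\s+<\.\.\. \w+ resumed>\s?(.*)$')

def parse(text):
    """Yield one dict per completed syscall, stitching calls split by -f."""
    pending = {}  # pid -> first half of a call interrupted by another process
    for line in text.splitlines():
        m = UNFINISHED.match(line)
        if m:
            pending[m.group(1)] = m.group(2)
            continue
        m = RESUMED.match(line)
        if m and m.group(1) in pending:
            line = f"{m.group(1)}  {pending.pop(m.group(1))}{m.group(2)}"
        m = CALL.match(line)
        if m:  # exit (+++) and signal (---) lines do not match and are skipped
            yield m.groupdict()

def summarize(text):
    """Group the calls reviewed first in an evaluation: files, exec, network."""
    report = defaultdict(list)
    for ev in parse(text):
        quoted = re.findall(r'"([^"]*)"', ev["args"])
        if ev["name"] in ("open", "openat") and quoted:
            report["failed_open" if ev["errno"] else "opened"].append(quoted[0])
        elif ev["name"] == "execve" and quoted and not ev["errno"]:
            report["exec"].append((ev["pid"], quoted[0]))
        elif ev["name"] == "connect":
            addr = re.search(r'htons\((\d+)\).*inet_addr\("([^"]+)"\)', ev["args"])
            if addr:
                report["connect"].append(f"{addr.group(2)}:{addr.group(1)}")
    return dict(report)
```

Calling summarize() on the contents of a real trace file gives the same grouping; strace only observes here, so the result is a record of what the program asked the kernel for, not a way to change it.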


