From owner-freebsd-hackers@FreeBSD.ORG  Sun Nov 12 00:20:15 2006
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: freebsd-hackers@freebsd.org
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 08CFF16A415
	for <freebsd-hackers@freebsd.org>; Sun, 12 Nov 2006 00:20:14 +0000 (UTC)
	(envelope-from rwatson@FreeBSD.org)
Received: from cyrus.watson.org (cyrus.watson.org [209.31.154.42])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 53D1643D46
	for <freebsd-hackers@freebsd.org>; Sun, 12 Nov 2006 00:19:58 +0000 (GMT)
	(envelope-from rwatson@FreeBSD.org)
Received: from fledge.watson.org (fledge.watson.org [209.31.154.41])
	by cyrus.watson.org (Postfix) with ESMTP id 55E0646C9A;
	Sat, 11 Nov 2006 19:19:40 -0500 (EST)
Date: Sun, 12 Nov 2006 00:19:40 +0000 (GMT)
From: Robert Watson <rwatson@FreeBSD.org>
X-X-Sender: robert@fledge.watson.org
To: trowa-4 <trowa-4@yahoo.com.tw>
In-Reply-To: <571883.4868.qm@web72011.mail.tp2.yahoo.com>
Message-ID: <20061112001826.Y45016@fledge.watson.org>
References: <571883.4868.qm@web72011.mail.tp2.yahoo.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Cc: freebsd-hackers@freebsd.org
Subject: Re: Process Debugging questions
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 12 Nov 2006 00:20:15 -0000


On Sun, 12 Nov 2006, trowa-4 wrote:

> FreeBSD provides the ptrace system call for controlling and debugging the 
> execution of a process.
>
> An alternative to the ptrace system call is the /proc filesystem. The 
> functionality provided by the /proc filesystem is the same as that provided 
> by ptrace; if differs only in its interface.
>
> Are there having a better method or other method?

Historically, procfs has been a major source of security vulnerabilities for 
all major UNIX platforms that have used it.  Since it largely duplicates the 
functionality of ptrace(), it is now disabled by default.  However, there is 
some functionality only present in procfs that leads people to enable it in 
some situations.  My advice is to use ptrace() if you can do everything you 
need with it, but otherwise consider using procfs.

Robert N M Watson
Computer Laboratory
University of Cambridge