Date: Fri, 13 Apr 2018 10:45:38 +0200 From: Alexander Leidinger <Alexander@leidinger.net> To: freebsd-hackers@freebsd.org Subject: Re: Tracing with DTrace, when custom probe provider is running as regular user Message-ID: <20180413104538.Horde.qmK8eOl8lVdSxpY1cQS83Tw@webmail.leidinger.net> In-Reply-To: <d3c85d69-b5ee-4ae5-9e1e-3ce6ca47618c@FreeBSD.org> References: <B7FD6BB4-D74A-4C7F-8C9A-487A25FFCA43@gmail.com> <1D449DD6-4D38-4561-8BD0-B6E581AB53A8@gmail.com> <d3c85d69-b5ee-4ae5-9e1e-3ce6ca47618c@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This message is in MIME format and has been PGP signed. --=_NTq82rNDf8Y9XZa21dthmow Content-Type: text/plain; charset=utf-8; format=flowed; DelSp=Yes Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Quoting Matthew Seaman <matthew@freebsd.org> (from Mon, 9 Apr 2018=20=20 11:30:10=20+0100): > On 09/04/2018 11:01, Daniel Dettlaff wrote: >> Issue is critical for tracing Postgresql which demands to run with >> NON privileged user, but in general launching any server software as ro= ot >> should be considered to be "harmful" / "a bad idea" right? > > The issue with allowing non-privileged users access to dtrace is the=20= =20 >=20risk of disclosing kernel memory. Unfortunately blocking this=20=20 >=20access means that using the UserSDT's from (for example)=20=20 >=20postgresql-server running as the postgres user is not permitted. If I understand it right, the original poster was also not able to=20=20 trace=20a non-root process with root-dtrace. What's the reason for this? Bye, Alexander. --=20 http://www.Leidinger.net=20Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_NTq82rNDf8Y9XZa21dthmow Content-Type: application/pgp-signature Content-Description: Digitale PGP-Signatur Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAABAgAGBQJa0G4xAAoJEKrxQhqFIICEwE0P/iWNLg7/lWmDFrm08MEL9Dh9 GnA/B+UlLoQ/lQIvFe0Ky6veq7qTkrjwA5ls4vqiS5jPvJyqkNYJAVpxGYinVsKG 3I7XJ/v2AKsaiR0YMqbpBzyZQgKCRGE+9zchUw8ewFZCyceFnvoV1dQRoo9b3Hdj pVgOsvwPqQNnzk1KcGBBlNpT2P+wHu+ezSg2JA4G/NE7jQZECPsRuiO81BZoWrMX wRD9+Y20CEwt4XD6NKUD5uHWJVDgG6qv5MTZ5t4FXRfLnCPXD10o2iBdDrASfPUd gbFUDA00093hfsTo2lV3IBmbqqp2g5I2QEWZHrY/ixfMqlN9xeVLjVwmvsBK2UKe yXpITtLoiHtH3mkQnGSp+ba1ogjllXTUGN1xYH8m6KIc6TzoicakzUZ5NWUxY1K4 h2z7V41nY+B7Mh16PKWbXdu11eer4BTk/r+kWs/+7GZIMRinBUuF5oWKDXH90kQp AQkwlY34ruxPUoJNDdW8L8PtM4AC/S+hO+wnJRUPtlThV903mAaH8A9+IG1KoST1 FgktDPPTqAuCnrLlyvTpc1BupXhtb2GV0YWcUp+iPLIX8Tk52807B6BURBfG8gEw CM0kCXEmVTuQd8bQcIg2K9Yd8NMKFLaftERvPEG4lJD6YKs3A6uc/0eMy6fVUwdp KhdtxgjWXs75q28xSufO =+aLq -----END PGP SIGNATURE----- --=_NTq82rNDf8Y9XZa21dthmow--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180413104538.Horde.qmK8eOl8lVdSxpY1cQS83Tw>