Can gdb debug suid root programs?

Question

I did a program that call setuid(0) and execve("/bin/bash",NULL,NULL).

Then I did chown root:root a.out && chmod +s a.out

When I execute ./a.out I get a root shell. However when I do gdb a.out it starts the process as normal user, and launch a user shell.

So... can I debug a suided root program?

score 6 · Accepted Answer · answered Jul 01 '11 at 00:04

6

Only by running gdb as root. (In other words, no.)

For security reasons, normal users are not allowed to trace processes belonging to other users, especially root.

answered Jul 01 '11 at 00:04

C. K. Young

Only root can call `ptrace()` (system call used to debug applications) – jyz Jul 31 '13 at 17:13

1 Answers1