On Mon, Feb 27, 2012 at 12:43, guy keren <[email protected]> wrote: > On 02/27/2012 12:33 PM, ik wrote: >> >> Hello, >> >> I have a program that I write that uses user-space libraries that talk >> with kernel space, and I use an IDE for the development and debugging. >> >> The program requires to run as super user, but I do not want to run >> the whole IDE itself as super user, only gdb for this specific >> project, but the IDE >> does not allow me to do something like: /usr/bin/kdesu /usr/bin/gdb ... >> I also do not wish to provide suid to root, and allow every one to use >> gdb as root. >> >> Beside executing gdb myself with sudo, how would you recommend me to >> elevate user privileges for gdb on such case ? > > > a few options: > > > 1. write a program called "gdb" that only your user has access to. put it in > your PATH before the locatinof the real gdb. this new "gdb" program will be > a small suid C program that runs the real gdb. if your IDE looks for gdb in > the path, rather then with a full path, it will work. > > 2. make a second copy of the gdb binary that only your can access - and make > it suid root. put it in your path before the original gdb. > > 3. check if your IDE is able to use the gdb client-server model. if it can - > you can run your program externally using the gdb server - and make your ide > use a gdb-client. i didn't check if the gdb client can run as a normal user > - but assuming the communiation is done over sockets - it can work. make > sure that the socket is not accessible outside your machine, and you can add > firewall rules that will only allow your user to connect to the relevant > socket.
I'm going to use gdbserver. Thank you very much guys > > --guy > Ido > > _______________________________________________ > Linux-il mailing list > [email protected] > http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il _______________________________________________ Linux-il mailing list [email protected] http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
