On 1 September 2016 at 11:37, René J.V. Bertin <rjvber...@gmail.com> wrote: > On Thursday September 01 2016 10:14:16 Pavel Labath wrote: > >> security safeguards on osx (there certainly aren't any on linux), but > > There's the codesigning bit. But that's just more a nuisance than a real > protection, from what I can tell, at least against code you build and install > yourself. > >> I think having it installed that way is an open invitation to get >> pwned. > > Looking at it that way, yes. That said, it looks like applications debugged > as a regular user still run with that user's UID even if debugserver is > running as root. > > R.
Don't forget that the debugger can attach to an already running processes as well. without setuid, it could presumably attach only to own processes, but if it's running as root... pl _______________________________________________ lldb-dev mailing list lldb-dev@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev
