* jerome zh ([email protected]) wrote: > Hello, > > I learned from the slides on LTTng website that Lttng is capable of > password snooping. > I've tried this on my LTTng-enabled kernel, but I did not get the password.... > > What is the problem? Should I insert extra tracepoints which are > needed for password snooping?
Which LTTng version are you using ? It depends on the input subsystem tracing (see ltt-armall, it's now disabled by default for security reasons) if you want to record keypress. In earlier lttng versions, we also traced the write() system call first bytes of payload, but this instrumentation is currently removed. Mathieu > > -- > Regards, > > Jerome > > _______________________________________________ > ltt-dev mailing list > [email protected] > http://lists.casi.polymtl.ca/cgi-bin/mailman/listinfo/ltt-dev > -- Mathieu Desnoyers Operating System Efficiency R&D Consultant EfficiOS Inc. http://www.efficios.com _______________________________________________ ltt-dev mailing list [email protected] http://lists.casi.polymtl.ca/cgi-bin/mailman/listinfo/ltt-dev
