-
```
case PR_execve:{
status = 0;
//status = translate_execve_enter(tracee);
word_t arg1 = peek_reg(tracee, CURRENT, SYSARG_1);
char temp1[PATH_MAX];
read_path(tracee, temp1, a…
-
We setup seccomp filter rules based on DSO load address, unfortunately after `execve` syscall, the new DSOs can have different addresses, even when *ASLR* is disabled. seccomp filter rules are preserv…
-
need to make a function that will take the tokenized path as input and will concatenate the inputted arg[0] onto it and then run it through stat() to see if it is a valid path or not. I am not sure if…
-
Mixing sys.executable and *parsed* argv produces unintentional sys.path changes on re-exec:
```
# python -m gunicorn my:app
Booting worker with pid: 201117
[..]
# kill -USR2 $(pgrep --oldest -f…
pajod updated
3 weeks ago
-
/system/bin/su: No such file or directory
-
# Documentation
It's not documented, that `.cancel()` kills background process with `kill()`. At least on Linux:
```python
from asyncio import Task, create_subprocess_exec, run, sleep
async d…
-
upstream issue from 2015 https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/1421760
these work as expected ...
```
$ ./coreutils/target/debug/env python
>>> print("hello")
hello
```
…
-
I hope you don't mind me breaking your program :)
I found that if the tracee calls execve within a thread reverie-ptrace panics.
According to the `clone` man page (`man 2 clone`)
…
-
### Describe the bug
binfmt not working on aarch64 linux on Apple M1 CPU
Apple M1 CPU does not support aarch32/armv7 architecture:
https://news.ycombinator.com/item?id=27278019
```console
[ro…
-
Add file attributes to fields for conditions and outputs from file system: file owner, file permissions.
This can help track programs with the suid bit or animaly permissions and could be useful wh…