<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7651.28">
<TITLE>RE: [Haifux] [Haifux Lecture] User space syscall tracing        andmanipulation - fakeroot-ng by Shachar Shemesh</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=2>>I think<BR>
>I even gave a haifux talk on run-time modification of programs using<BR>
> ptrace for fun an profit a few years ago.<BR>
<BR>
There is surely a profit and a lot of fun around here, but indeed there was a<BR>
"ptrace - Playing Debugger Chess" lecture by you,<BR>
<A HREF="http://www.haifux.org/lectures/115/">http://www.haifux.org/lectures/115/</A><BR>
<BR>
I don't know who has a profit here (and who has fun...)<BR>
<BR>
Rgs,<BR>
Yossi<BR>
<BR>
-----Original Message-----<BR>
From: Muli Ben-Yehuda [<A HREF="mailto:muli@il.ibm.com">mailto:muli@il.ibm.com</A>]<BR>
Sent: Thu 1/17/2008 1:08 PM<BR>
To: Shachar Shemesh<BR>
Cc: arbel yossi; Haifa linux club; linux-il<BR>
Subject: Re: [Haifux] [Haifux Lecture] User space syscall tracing andmanipulation - fakeroot-ng by Shachar Shemesh<BR>
<BR>
On Thu, Jan 17, 2008 at 12:45:10PM +0200, Shachar Shemesh wrote:<BR>
<BR>
> Fakeroot-ng is a (as far as I know) first attempt to do the things<BR>
> usually done with LD_PRELOAD using the ptrace mechanism. It was both<BR>
> the trigger and the root cause of this lecture.<BR>
<BR>
Not sure what you mean by "things usually done with LD_PRELOAD?"<BR>
Certainly ptrace has been used to both trace and modify running<BR>
binaries, by gdb, strace, dumpmem[1], memfetch[2] and others. I think<BR>
I even gave a haifux talk on run-time modification of programs using<BR>
ptrace for fun an profit a few years ago.<BR>
<BR>
> The lecture will look at fakeroot, fakechroot, fakeroot-ng and<BR>
> strace, at varying degrees of depths, mostly because all four chose<BR>
> slightly different approaches for solving, fundamentally, the same<BR>
> problem.<BR>
<BR>
They did?<BR>
<BR>
Sounds like an interesting talk, will try to attend.<BR>
<BR>
[1] <A HREF="http://www.mulix.org/dumpmem.html">http://www.mulix.org/dumpmem.html</A><BR>
[2] <A HREF="http://lcamtuf.coredump.cx/soft/memfetch.tgz">http://lcamtuf.coredump.cx/soft/memfetch.tgz</A><BR>
<BR>
Cheers,<BR>
Muli<BR>
<BR>
</FONT>
</P>
</BODY>
</HTML>