Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/rlee287/prctl_disable_dumpability

A LD_PRELOAD module that disables dumpability
https://github.com/rlee287/prctl_disable_dumpability

Last synced: 2 days ago
JSON representation

A LD_PRELOAD module that disables dumpability

Host: GitHub
URL: https://github.com/rlee287/prctl_disable_dumpability
Owner: rlee287
License: mit
Created: 2022-08-01T20:28:50.000Z (over 2 years ago)
Default Branch: main
Last Pushed: 2022-08-01T20:29:09.000Z (over 2 years ago)
Last Synced: 2024-12-24T01:15:14.765Z (11 days ago)
Language: C
Size: 2.93 KB
Stars: 0
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# prctl_disable_dumpability

This is a `LD_PRELOAD` shared object for use with dynamic binaries that disables process dumpability using `PR_SET_DUMPABLE` using a `prctl` call. This disables the production of core dumps when they would normally be triggered by a signal, in addition to setting the ownership of many files under `/proc/$pid` to root (e.g. preventing the observation of environment variables via `/proc/$pid/environ`). For more details, see `prctl(2)` and `proc(5)`.

We do not provide a wrapper execuable because the dumpability status is reset on `execve` calls (as detailed in `execve(2)`). However, we shim `execve(3)` and related functions to preserve `LD_PRELOAD` across calls to `execve(2)` to make the `prctl` call again on init, again with the caveat that `LD_PRELOAD` only works with dynamic executables.

Usage: `LD_PRELOAD=/path/to/prctl_disable_dumpability.so dynamic_binary`