PR11256: harden --unprivileged mode

* tapsets-mark.cxx, tapsets.cxx: Don't even publish probe point families that are inappropriate for use in --unprivileged mode. (dwarf_derived_probe_*unprivileged*): Remove, to default to blanket no-permission rather than emit_process_owner_permission mode. * testsuite/semko/fortyeight.stp: New test.
author: Frank Ch. Eigler <fche@elastic.org> 2010-02-05 16:55:22 -0500
committer: Frank Ch. Eigler <fche@elastic.org> 2010-02-05 16:55:22 -0500
commit: 03d9fbb14c2f641e315be2419b70382bfd43f620 (patch)
tree: fe866bfcac9a4358f3f4e0c4402d114bf2da35a2 /testsuite/semko/fortyeight.stp
parent: 3cad5a57f0117dcb994b72db454b3fa1805e5dd5 (diff)
download: systemtap-steved-03d9fbb14c2f641e315be2419b70382bfd43f620.tar.gz
systemtap-steved-03d9fbb14c2f641e315be2419b70382bfd43f620.tar.xz
systemtap-steved-03d9fbb14c2f641e315be2419b70382bfd43f620.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/testsuite/semko/fortyeight.stp b/testsuite/semko/fortyeight.stp
new file mode 100755
index 00000000..e79d7a1d
--- /dev/null
+++ b/testsuite/semko/fortyeight.stp
@@ -0,0 +1,4 @@
+#! /bin/sh
+
+# None of these probe types should even be acceptable to pass-2
+stap --unprivileged -p2 -t -e 'probe kernel.function("sys_open")!, kernel.trace("*")!, kernel.mark("*")!, module("*scsi*").function("*") { }'
author	Frank Ch. Eigler <fche@elastic.org>	2010-02-05 16:55:22 -0500
committer	Frank Ch. Eigler <fche@elastic.org>	2010-02-05 16:55:22 -0500
commit	03d9fbb14c2f641e315be2419b70382bfd43f620 (patch)
tree	fe866bfcac9a4358f3f4e0c4402d114bf2da35a2 /testsuite/semko/fortyeight.stp
parent	3cad5a57f0117dcb994b72db454b3fa1805e5dd5 (diff)
download	systemtap-steved-03d9fbb14c2f641e315be2419b70382bfd43f620.tar.gz systemtap-steved-03d9fbb14c2f641e315be2419b70382bfd43f620.tar.xz systemtap-steved-03d9fbb14c2f641e315be2419b70382bfd43f620.zip