Unable to find Mach task port for process-id 28860: (os/kern) failure (0x5).
2012-12-17 23:50
615 查看
Mac OS X and gdb
Sometime recently (2011 April) on my Mac gdb lost its ability to debug the ‘Hello World’ program in C without super user status.After directing gdb torun, the following report emerges:
Unable to find Mach task port for process-id 28860: (os/kern) failure (0x5).
Searching the web for such messages I see
this rumor.
This suggests that it is an issue of code signing.
I cannot now find the web page but I believe that I saw a note from someone at Apple saying that access to Unix processes such as required by gdb to debug a process, had been restricted so that a person using gdb would no longer be able to abuse the authority
of a setuid program running under gdb.I.e. after “gdb /usr/bin/passwd” any user would be able to do things that only root should be able to do.The seeming result of this is that I can’t debug ‘Hello World’ without giving both gdb and my program root
access.
With great trepidation I tried “gdb /usr/bin/passwd” just now.It worked; or at least it got to the point of asking me for my old password.I did not have the nerve to continue.Now I am worried!
I did a test with two different users.The simplest explanation of what I saw is that under gdb the program runs with the authority of the user who launched gdb even if the file from which the binary was loaded was marked setuid.Perhaps this is a mod to gdb
which is certainly in a position to do this, except for the fact that neither
/usr/libexec/gdb/gdb-i386-apple-darwin nor /usr/bin/gdb are marked setuid.I don’t know how Apple does this but I see no clear vulnerability.Perhaps we are in
getxattr land.
Modifying the kernel to make access to a process contingent on the accessor having as much authority as the accessed process would alleviate all of the issues that I remember from the Apple note, and then I could debug ‘Hello World’ without root access for
either gdb or my undebugged program.
I think that I have the answer.See
this.When I mark as ‘trusted for code signing’ Apple’s 509 cert with MD5 fingerprint = 7E 61 1E 0F 7B A3 1B 51 98 6F 41 3B 41 38 3E F0,then gdb executes the program with no problems or reservations.I do this step with Apple’s Keychain utility which ascribes
the name “Apple Root CA” to that cert.
http://www.cap-lore.com/CapTheory/Grist/gdbOSX.html
相关文章推荐
- Unable to find Mach task port for process-id 47072: (os/kern) failure (0x5). (please check gdb is c
- MAC下GDB出现问题-Unable to find Mach task port for process-id 1262: (os/kern) failure (0x5).
- Unable to find a valid document id for entity
- unable to find sql server process id on
- _BSMachError: port 9f03; (os/kern) invalid name (0xf) "Unable to deallocate send right"
- How To Find Where The Memory Is Growing For A Process (Doc ID 822527.1)
- 使用CocoaPods过程中 Unable to find a specification for
- iOS:Xcode错误 failed to get the task for process 3118
- General error Unable to open registry key 'Temporary (volatile) Jet(or Ace) DSN for process
- Siebel Error: Unable to find definition for component CommOutboundMgr. (SBL-SRQ-0013)
- 报错:failed to get the task for process XXX(解决方案)
- ios在真机上调试时出现“Error launching remote program: failed to get the task for process xxx"解决办法(转)
- CocoaPods报错:[!] Unable to find a specification for xxxx
- 【物联网】OpenWrt编译出现Unable to find remote helper for 'https'问题
- 解决方案:Unable to retrieve the URL endpoint for Service/Port
- XCode Could not launch "" failed to get the task for process
- Unable to find a 'userdata.img' file for ABI armeabi to copy into the AVD folder
- fatal: Unable to find remote helper for 'https' (git push -u origin master)(Red Hat /centos6.7)
- Weka连接数据库不成功:unable to find a suitable driver for jdbc:mysql://localhost/programmableweb