As part of my work on rootless containers, I found that many tools try to drop privileges. This makes those tools break inside rootless containers, so I spent a week or two working on a tool that allows users to shim out all of the "drop privileges" syscalls. Here is documented the pain that I went through while figuring out how ptrace(2) is meant to work.
↧
Adventures into ptrace(2) Hell
↧