Hooking sycalls from userspace on Linux
https://stackoverflow.com/questions/268584
-
06-07-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
Is there any way to catch all syscalls on Linux? The only solution I know of is using LD_PRELOAD à la fakeroot, but that only works for dynamically linked applications. Furthermore, this approach requires enumerating all syscalls which is something I'd like to avoid.
Solution
I think you are looking for ptrace(2).
OTHER TIPS
You can trace a program. Think about how strace works. Hint: it doesn't use LD_PRELOAD tricks.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
