SECURITY Debugging with Hardened Gentoo
From Gentoo Linux Wiki
Note
This doesn't work with recent Gentoo Hardened systems. See discussion and bugs.
Why?
Having problems debugging executables with hardened gcc and USE="hardened" turned on? This guide will run through how to debug programs that are proving difficult.
Set Your Flags
Add -ggdb to your LDFLAGS (LDFLAGS="-ggdb"), assuming you are using gdb. (Aren't we all, though? :-) )
Disable PaX
Turn off all PaX flags on the program with chpax or paxctl, whichever your system uses:
chpax -prmsx /the/executable/you/want
or
paxctl -prmsx /the/executable/you/want
Change your GCC specs
Before compiling, set the GCC_SPECS environment variable like this:
export GCC_SPECS='/usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.6/vanilla.specs'
The exact path may vary on your system, depending on your architecture and your GCC version. This will disable all hardened/pie/pic features of gcc.
If your project uses a Makefile, put this line at the top of it:
export GCC_SPECS := /usr/lib/gcc-lib/i686-pc-linux-gnu/3.3.6/vanilla.specs
The part about GCC_SPECS= is strange advice and should be using gcc-config, but no matter, this method would work anyway. (03/23/06 -solar)
gcc-config only works if you are root. Exporting GCC_SPECS works for any user to enable backtrace. The version number should be changed to match the installed version of gcc. (11/14/06)
Then rebuild entirely (make clean && make).
GDB
If you're debugging an existing ET_DYN executable then try running gdb /lib/ld-linux.so.2, then run /the/executable/you/want from within gdb.
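To tell whether a binary is ET_DYN before deciding how to start gdb, the e_type field of its ELF header can be read directly. The following is an added example, not part of the original wiki page; the function names elf_type and make_sample are made up for illustration, and the sample header is constructed.

```shell
#!/bin/sh
# elf_type FILE: print the ELF object type (ET_EXEC, ET_DYN, ...) of FILE.
# Prints "not-elf" or "truncated" and returns 1 when the header cannot be read.
# Note: ET_DYN covers both position-independent executables and shared objects.
elf_type() {
    f=$1
    # Bytes 0-3 of e_ident: magic 0x7f 'E' 'L' 'F'
    magic=$(od -An -tx1 -N4 "$f" 2>/dev/null | tr -d ' \n')
    [ "$magic" = "7f454c46" ] || { echo "not-elf"; return 1; }
    # Byte 5 (EI_DATA): 1 = little-endian, 2 = big-endian
    data=$(od -An -tu1 -j5 -N1 "$f" 2>/dev/null | tr -d ' \n')
    # Bytes 16-17: e_type, stored in the file's own byte order
    set -- $(od -An -tu1 -j16 -N2 "$f" 2>/dev/null)
    [ $# -eq 2 ] || { echo "truncated"; return 1; }
    case $data in
        1) t=$(( $1 + $2 * 256 )) ;;
        2) t=$(( $1 * 256 + $2 )) ;;
        *) echo "bad-ei-data"; return 1 ;;
    esac
    case $t in
        1) echo ET_REL ;;
        2) echo ET_EXEC ;;
        3) echo ET_DYN ;;
        4) echo ET_CORE ;;
        *) echo "ET_UNKNOWN($t)" ;;
    esac
}

# make_sample FILE N: write a constructed 18-byte little-endian ELF32 header
# prefix whose e_type is N (a single digit). Sample data only, not a real binary.
make_sample() {
    printf '\177ELF\001\001\001\000\000\000\000\000\000\000\000\000' > "$1"
    printf "\\00$2\\000" >> "$1"
}

# Demonstration on a constructed header; prints ET_DYN.
tmp=$(mktemp) && make_sample "$tmp" 3 && elf_type "$tmp"
rm -f "$tmp"
```

On a real system, call elf_type /the/executable/you/want; an ET_DYN result means the advice in this section applies.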
Troubleshooting
If that doesn't work, try compiling with CFLAGS="-nopie". You will lose the ability to have some PaX protections. Remember that shared objects/modules must be compiled with -fPIC.
Real life example
CFLAGS="-g3 -fno-pie -fno-stack-protector-all -nonow -norelro" \
LDFLAGS="-ggdb" FEATURES="nostrip keepwork keeptemp" \
emerge buggyapp
Hope this helps! Thank solar of hardened-gentoo for this tip, which I am redistributing.
