Re: strace can lie

[pavel () UCW CZ (Pavel Machek)]

Hi!

> > When you see snippet from strace, that says:
> >
> > open("/etc/passwd", O_RDONLY)           = 3
> >
> > Do you trust it? You should not.
>
> I'm not sure what your point is, really. strace shows that /etc/passwd
> got opened successfully and returned file descriptor 3. If the open()
> failed, you'd see -1 as the return value.

I'm pointing out that application could have _any other_ file
opened. Name is not to be trusted because it could have changed
between strace printing it and kernel doing the syscall.
                                                        
> What's deceptive about strace?

That it is not safe w.r.t. races.

--
I'm pavel () ucw cz. "In my country we have almost anarchy and I don't care."
Panos Katsaloulis describing me w.r.t. patents me at discuss () linmodems org