[lldb-dev] [OS X] debugserver SETUID root?

Pavel Labath via lldb-dev lldb-dev at lists.llvm.org
Thu Sep 1 02:14:16 PDT 2016


On 1 September 2016 at 10:01, René J.V. Bertin via lldb-dev
<lldb-dev at lists.llvm.org> wrote:
> - does the debugserver application do anything which makes it a really bad idea to make it SETUID root?
It listens on a tcp connection, and takes control of random applications.

 debugserver is the ultimate remote code execution tool, and it does
not even try to hide it. I don't know whether it has any special
security safeguards on osx (there certainly aren't any on linux), but
I think having it installed that way is an open invitation to get
pwned.

pl


More information about the lldb-dev mailing list