copy-on-write text pages when forking

Hi all,
if I get it right, when a fork is performed the pages that contain text code are cloned using a copy-on-write technique, and the reason is that if a debugger is running attached to the cloned process, the text can be modified without affecting the parent of the process.
Now, I have no idea what happens when a debugger runs, but I thought that the text area was never modifiable under any circumstances, and the above seems to destroy my belief. Can anyone explain to me better what happens in such a case?
Thanks
 
After fork, all of the pages (except for shared memory, either SysV or POSIX) are copy-on-write. The debugger uses ptrace(2) to write to the address space of the debugged process. Since it's COW, other processes are not affected.
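The behaviour described in this answer, as an added example that is not part of the original posts: a parent traces its forked child, overwrites one word of the child's text with ptrace, and checks that its own copy of that text is unchanged. It uses the Linux request names (`PTRACE_TRACEME`, `PTRACE_POKETEXT`, `PTRACE_PEEKTEXT`); the FreeBSD equivalents are `PT_TRACE_ME`, `PT_WRITE_I` and `PT_READ_I`. The names `target` and `cow_text_demo` are hypothetical.

```c
#include <errno.h>
#include <signal.h>
#include <string.h>
#include <unistd.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>

/* Hypothetical target: any function whose machine code sits in the text segment. */
__attribute__((noinline)) int target(void) { return 42; }

/* Returns 1 if the write changed only the child's text, 0 if the parent's
 * text changed as well, -1 if ptrace is not permitted here (policy, sandbox). */
int cow_text_demo(void)
{
    long before, child_after, parent_after;
    int status, result = -1;

    memcpy(&before, (void *)target, sizeof before);   /* parent's view of the text */

    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {                        /* child: ask to be traced, then stop */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
            _exit(1);
        raise(SIGSTOP);
        _exit(0);
    }
    if (waitpid(pid, &status, 0) != pid || !WIFSTOPPED(status))
        return -1;                         /* child never entered a traced stop */

    /* The kernel does the write on the tracer's behalf; the read-only text
     * page is private to the child, so the child gets its own copy. */
    if (ptrace(PTRACE_POKETEXT, pid, (void *)target, (void *)~before) == 0) {
        errno = 0;
        child_after = ptrace(PTRACE_PEEKTEXT, pid, (void *)target, NULL);
        memcpy(&parent_after, (void *)target, sizeof parent_after);
        if (errno == 0)
            result = (child_after == ~before && parent_after == before);
    }
    kill(pid, SIGKILL);                    /* never let the modified child run */
    waitpid(pid, NULL, 0);
    return result;
}
```

A return value of -1 means the tracing request itself was refused, which is the kind of restriction the last reply in this thread refers to.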
 
Fine, searching a bit more I found that ptrace has flags to indicate the need to write instruction words and data. But this means that the text area is modifiable while the process is running. Even if this is a special case (debugging applications), isn't this a problem with security?
 
Unless you're root. And of course there are additional restrictions due to jails (you cannot attach to a process with your UID running inside some other jail) and MAC.
 