System Call Tracking without ptrace, strace, etc.
How could I log system calls made by another process without using current built-in functions like ptrace, strace, audit, etc.?
I think there are two options: one is intercepting the system call table, and another is modifying the entry_64.s file. I want to output these system calls to a file.
Can’t find any suggestions on this anywhere.

What’s the reason that you don’t use ptrace? It is supported by the Linux kernel directly. Any other solutions may likely go through a similar way to what ptrace does.
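
For reference, the ptrace route the answer points to can log another process's system calls to a file in a few dozen lines. This is an added example, not code from the thread; it assumes x86-64 Linux, and the function name `trace_to_file` and the log line format are this example's own.

```c
#include <signal.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/ptrace.h>
#include <sys/user.h>
#include <sys/wait.h>
/* Added example (not from the thread). Runs argv under ptrace and appends one
 * line per syscall entry to log_path: syscall number (orig_rax) and first
 * argument (rdi). Only the started process is traced; forks are not followed.
 * Returns the number of syscalls logged, or -1 if tracing could not start. */
long trace_to_file(char *const argv[], const char *log_path)
{
#if defined(__linux__) && defined(__x86_64__)
    FILE *out = fopen(log_path, "ae");      /* 'e': tracee must not inherit the log fd */
    if (!out) return -1;
    pid_t pid = fork();
    if (pid < 0) { fclose(out); return -1; }
    if (pid == 0) {                         /* child: request tracing, then exec */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == 0)
            execvp(argv[0], argv);
        _exit(127);                         /* tracing refused or exec failed */
    }
    int status, entering = 1, sig = 0;
    long count = -1;
    /* A successful exec stops the traced child with SIGTRAP before it runs. */
    if (waitpid(pid, &status, 0) == pid && WIFSTOPPED(status)) {
        /* TRACESYSGOOD marks syscall stops as SIGTRAP|0x80; EXITKILL avoids orphans. */
        ptrace(PTRACE_SETOPTIONS, pid, NULL,
               (void *)(long)(PTRACE_O_TRACESYSGOOD | PTRACE_O_EXITKILL));
        count = 0;
        while (ptrace(PTRACE_SYSCALL, pid, NULL, (void *)(long)sig) == 0 &&
               waitpid(pid, &status, 0) == pid && WIFSTOPPED(status)) {
            sig = 0;
            if (WSTOPSIG(status) == (SIGTRAP | 0x80)) {   /* syscall entry or exit */
                struct user_regs_struct regs;
                if (entering && ptrace(PTRACE_GETREGS, pid, NULL, &regs) == 0) {
                    fprintf(out, "pid=%d nr=%llu a0=0x%llx\n", (int)pid, regs.orig_rax, regs.rdi);
                    count++;
                }
                entering = !entering;
            } else if (WSTOPSIG(status) != SIGTRAP) {
                sig = WSTOPSIG(status);     /* ordinary signal: pass it through */
            }                               /* SIGTRAP from a later exec is swallowed */
        }
    }
    fclose(out);
    return count;
#else
    (void)argv; (void)log_path; return -1;  /* other platforms are not handled here */
#endif
}
```

A return of -1 means the child never reached its first ptrace stop, which is what happens when the exec fails or the environment forbids ptrace (for example a seccomp profile or a restrictive Yama `ptrace_scope`).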