Linux BPFtrace – user switch from suid bit applications not detected
I want to monitor systemcalls with bpftrace (https://github.com/iovisor/bpftrace/). For most systemcalls, this works without problems, but I have problems to monitor applications, where the suid bit is set.
Folowing syscalls are monitored … Continue reading Linux BPFtrace – user switch from suid bit applications not detected