From mboxrd@z Thu Jan 1 00:00:00 1970 From: compudj@krystal.dyndns.org (Mathieu Desnoyers) Date: Tue, 22 Jun 2010 14:14:23 -0400 Subject: [ltt-dev] Password snooping using LTTng In-Reply-To: References: Message-ID: <20100622181423.GA16149@Krystal> * jerome zh (jeromezhr at gmail.com) wrote: > Hello, > > I learned from the slides on LTTng website that Lttng is capable of > password snooping. > I've tried this on my LTTng-enabled kernel, but I did not get the password.... > > What is the problem? Should I insert extra tracepoints which are > needed for password snooping? Which LTTng version are you using ? It depends on the input subsystem tracing (see ltt-armall, it's now disabled by default for security reasons) if you want to record keypress. In earlier lttng versions, we also traced the write() system call first bytes of payload, but this instrumentation is currently removed. Mathieu > > -- > Regards, > > Jerome > > _______________________________________________ > ltt-dev mailing list > ltt-dev at lists.casi.polymtl.ca > http://lists.casi.polymtl.ca/cgi-bin/mailman/listinfo/ltt-dev > -- Mathieu Desnoyers Operating System Efficiency R&D Consultant EfficiOS Inc. http://www.efficios.com