[Android] Does crashpad work for Android at all?

[Ethan Liu]

Hello, 

    It seems the crashpad handler calling ptrace on the crashed process.

    How could a unprivileged process call ptrace attaching to another (non-debuggable) process on Android? 

or it can work only if the handler process is the parent of the monitored one?  thanks!

[ceswi...@gmail.com]

To follow up on this: it looks like we would need to deploy our Android app with the 'debuggable' flag so that the crash handler sub-process can attach to it. But this is a major security concern for us, since it means that any Android process could attach as well.

Is there any way around this? How has Chrome/Chromium dealt with this? We're looking at PR_SET_PTRACER, which seems like it would solve the problem on Linux, but we're not clear if Android uses the same Yama security modules and if this technique would work.

thanks,
chris

[Joshua Peraza]

This might be related to not having set PR_SET_DUMPABLE. I've submit a change to set this flag at crash time but I haven't verified on a real device: https://chromium-review.googlesource.com/c/crashpad/crashpad/+/1382598

--
You received this message because you are subscribed to the Google Groups "Crashpad-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to crashpad-dev...@chromium.org.
To post to this group, send email to crashp...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/crashpad-dev/15a80a6a-4a8a-4e83-a2ff-fe150115c5fa%40chromium.org.