|
Are you sure this is how, let's say, Linux behaves? I tested it now in a minimal privilege account in a chroot on Debian 11 that I use for login from untrusted machines, and strace worked. This is how I captured a password entered into a ssh client password prompt, opened in another login shell of the same user: -bash-5.1$ ps aux | grep abcde z 2502130 0.0 0.3 9500 6132 ? S+ 18:04 0:00 ssh abcde@localhost z 2502140 0.0 0.1 6316 2336 ? S+ 18:04 0:00 grep abcde -bash-5.1$ strace -p 2502130 strace: Process 2502130 attached read(4, "s", 1) = 1 read(4, "e", 1) = 1 read(4, "c", 1) = 1 read(4, "r", 1) = 1 read(4, "e", 1) = 1 read(4, "t", 1) = 1 read(4, "\n", 1) = 1 write(4, "\n", 1) = 1 ioctl(4, TCGETS, {B38400 opost isig icanon -echo ...}) = 0 |