I’m packaging iaito (still work in progress) as a QT GUI for radare2.
radare2 (CLI) is already in the snap store using classic confinement. And since I understand we can’t use/depend on another snaps, my approach is to embedded (stage-snap) it inside iaito.
iaito and radare2 are a reversing framework that can be used to:
- analyze an binary file [non executed] (this works perfectly confined)
- analyze full raw hard discs or volumes for forensic proposes
- analyze memory of a remote device (connected via network, USB or serial)
- launch and debug a program provided by the user (using the user installed libraries)
- analyse all the memory of an already running program outside the confinement
Here some summary of the thread that took place last year for the request for confinement for radare2 (CLI only part) as well as its link:
In order to archive this using an strict confinement I tried last year with the following plugs:
- block-devices
- home
- network-bind
- network
- physical-memory-control
- process-control
- raw-usb
- raw-volume
- serial-port
- shared-memory
- system-trace
After the installation I connected those manually but still the snap can’t debug an external process, I still see the following error:
ptrace_attach: Operation not permittedI also tried disabling the yama ptrace restrictions without any luck.
I understand that IDE’s require classic confinement, not sure about if it is required for the debugging capabilities or to be able to use the development dependencies required for each project.
But I believe that iaito project requires this both, requires to be able to debug running processes, and to launch processes with unknown 3rd party dependencies in order to be able to debug them. In this fashion I believe that it can be considered an “IDE for machine code/ assembly language”, in one of their uses.
I’m still open to test any other interface to use destined to debug processes, but I think I already tried the significant ones that are documented. Also tell me if you require more information.