Low privilege debugging pipeline
First Claim
Patent Images
1. A system that performs remote debugging securely comprising:
- a computer comprising a processing unit coupled to a memory, the computer further comprising;
a low privilege debug pipeline publisher executing as a server process in a client-server environment,the low privilege debug pipeline publisher publishing debuggability of code belonging to a client in the client-server environment via a low privilege debug pipeline, wherein a debug process isolated running on a server computer on client code resident on the server computer is isolated by publishing the low privilege debug pipeline, the client code resident on the server computer, wherein the low privilege debug pipeline publisher applies a transformation to the client code resident on the server computer, the transformation returning control to the server computer when a debug instruction in the client code is encountered in a debug session, the transformation comprising an insertion of one or more instructions at each place in the client code at which a breakpoint or other debug instruction can be inserted, wherein a debug operation resulting in a pause or stop of execution of the client code does not pause or stop execution of other client threads,wherein a debugging session debugging the client code resident on the server computer is a low privilege process running on the server computer and is restricted to the client code resident on the server computer, wherein in response to encountering a debug instruction in the client code being debugged, control is returned to the server computer and debug information requested by the client is returned to the client via the low privilege debug pipeline, wherein the returned debug information is filtered to exclude confidential information and is limited to the client code belonging to the client.
2 Assignments
0 Petitions
Accused Products
Abstract
A low privilege debug pipeline publisher advertises a debugging pipeline. Instead of having a client to which a debugger on the server has been attached interrogate the server for debugging information, the client requests information from the server. Control is returned to the server which can refuse to provide the requested information to the client. A debuggee server executes client code being debugged in an isolated context so that pausing the code at a breakpoint does not block the server. The server can apply transforms to compiled code to make the code cooperate with debugging services so that a privileged component to inspect the debuggee code is not needed.
42 Citations
9 Claims
-
1. A system that performs remote debugging securely comprising:
-
a computer comprising a processing unit coupled to a memory, the computer further comprising; a low privilege debug pipeline publisher executing as a server process in a client-server environment, the low privilege debug pipeline publisher publishing debuggability of code belonging to a client in the client-server environment via a low privilege debug pipeline, wherein a debug process isolated running on a server computer on client code resident on the server computer is isolated by publishing the low privilege debug pipeline, the client code resident on the server computer, wherein the low privilege debug pipeline publisher applies a transformation to the client code resident on the server computer, the transformation returning control to the server computer when a debug instruction in the client code is encountered in a debug session, the transformation comprising an insertion of one or more instructions at each place in the client code at which a breakpoint or other debug instruction can be inserted, wherein a debug operation resulting in a pause or stop of execution of the client code does not pause or stop execution of other client threads, wherein a debugging session debugging the client code resident on the server computer is a low privilege process running on the server computer and is restricted to the client code resident on the server computer, wherein in response to encountering a debug instruction in the client code being debugged, control is returned to the server computer and debug information requested by the client is returned to the client via the low privilege debug pipeline, wherein the returned debug information is filtered to exclude confidential information and is limited to the client code belonging to the client. - View Dependent Claims (2, 3, 4)
-
-
5. A computer-readable storage medium, the computer-readable storage medium not consisting of a propagating signal, the computer-readable storage medium comprising computer-executable instructions which when executed cause a computing environment to:
-
isolate a debug process running on a server computer on client code resident on the server computer, wherein a debug operation resulting in a pause or stop of execution of the client code does not pause or stop execution of other client threads in the process, wherein the debug process is isolated by publishing a low privilege debug pipeline, wherein the low privilege debug pipeline limits debug information provided to a client computer to the client code belonging to the client computer, the client code resident on the server computer; and publish the low privilege debug pipeline publishing debuggability of the client code, the low privilege debug pipeline executing as a server process, wherein the low privilege debug pipeline applies a transformation to the client code resident on the server computer, the transformation returning control to the server computer when a debug instruction in the client code is encountered in a debug session, the transformation comprising an insertion of one or more instructions at each place in the client code at which a breakpoint or other debug instruction can be inserted, wherein a debugging session debugging the client code resident on the server computer is a low privilege process running on the server computer and is restricted to the client code resident on the server computer, wherein in response to encountering a debug instruction in the client code being debugged, control is returned to the server computer and debug information requested by the client is returned to the client via the low privilege debug pipeline, the returned debug information is filtered to exclude confidential information. - View Dependent Claims (6, 7, 8, 9)
-
Specification