Skip to content
/ mlockall_agent Public
forked from toddlipcon/mlockall_agent

JVMTI agent which calls mlockall and setuids down to a target user upon initialization

3 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

brockn/mlockall_agent

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README
README
 
 
compile.sh
compile.sh
 
 
mlockall_agent.c
mlockall_agent.c
 
 

Repository files navigation

Overview:

mlockall_agent is a simple JVMTI agent that runs a small piece of code at JVM start time.

This code does the following:
- Raises the current process's resource limit for locked memory
- Calls mlockall() to lock all current and future allocations in wired memory
- Sets the current userid and group list to match a target user
- Continues on JVM initialization

Usage:

Simply add the following JVM argument to the Java command line:
  -agentpath:/path/to/libmlockall_agent.so=user=target_user_for_setuid

Then, run the Java process as root.

If the Java command line is obscured within a script, you can also use the JAVA_TOOL_OPTIONS
environment variable for the same effect.

About

JVMTI agent which calls mlockall and setuids down to a target user upon initialization

Resources

Readme
Activity

Stars

3 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published