symbols_loaded: raise privileges when needed

Author: rafaeldtinoco

pkg/events/derive/symbols_loaded.go

@@ -80,8 +80,7 @@ func (symbsLoadedGen *symbolsLoadedEventGenerator) deriveArgs(event trace.Event)
 	soSyms, err := symbsLoadedGen.soLoader.GetExportedSymbols(loadingObjectInfo)
 	if err != nil {
 		// TODO: Create a warning upon this error when logger is available
-
-		// This error happens frequently in some environments, so we need to silence it to reduce spam.
+		// TODO: rate limit frequent errors for overloaded envs
 		if symbsLoadedGen.isDebug {
 			return nil, err
 		} else {
@@ -98,9 +97,9 @@ func (symbsLoadedGen *symbolsLoadedEventGenerator) deriveArgs(event trace.Event)
 
 	if len(exportedWatchSymbols) > 0 {
 		return []interface{}{loadingObjectInfo.Path, exportedWatchSymbols}, nil
-	} else {
-		return nil, nil
 	}
+
+	return nil, nil
 }
 
 // isWhitelist check if a SO's path is in the whitelist given in initialization

pkg/utils/sharedobjs/host_symbols_loader.go

@@ -2,6 +2,8 @@ package sharedobjs
 
 import (
 	"debug/elf"
+
+	"github.com/aquasecurity/tracee/pkg/capabilities"
 	"github.com/hashicorp/golang-lru/simplelru"
 )
 
@@ -98,7 +100,12 @@ func (soCache *dynamicSymbolsLRUCache) Add(obj ObjInfo, dynamicSymbols *dynamicS
 
 // loadSharedObjectDynamicSymbols load all dynamic symbols of a shared object file in given path.
 func loadSharedObjectDynamicSymbols(path string) (*dynamicSymbols, error) {
-	loadedObject, err := elf.Open(path)
+	var loadedObject *elf.File
+	err := capabilities.Caps.Required(func() error {
+		var e error
+		loadedObject, e = elf.Open(path)
+		return e
+	})
 	if err != nil {
 		return nil, err
 	}