Is there a way to disable or disallow gdb or lldb access to my compiled library?

Question

Basically, all i would like to do is to make sure no one is able to step through sensitive code.

I read somewhere it was possible, only i can't find where i read that.

thanks!

Answer 1

i would like to do is to make sure no one is able to step through sensitive code.

The "no one" part is impossible: a sophisticated attacker will be able to do it no matter what you try.

There are many techniques that will stop less sophisticated attacker, this book shows some of them.

Generally, these techniques are not worth your time -- they make field support of your software hard, they don't stop sophisticated attacker (and you only need one to succeed to render your efforts useless), and your software usually isn't that interesting to begin with.

If it is useful enough, people will buy it. If it is not, adding protections will make it even less useful.

Answer 2

No. Fundamentally, anyone who can run the object code can inspect it to any degree.

If you don't want them to be able to run the object code, you have to run it on a machine of your choice, and only interact with the user over a network.

All techniques that claim to disable debuggers simply exploit bugs, which are usually fixed a few months later when the next version of the debugger is released; and even those are completely useless against debugging through a VM.