A debugger is a tool which enables a programmer to monitor the execution of a program. A debugger can stop execution of a program being debugged, re-start execution of the program, set breakpoints in the program, and/or access or change values in memory. A debugger can enable a program to be run step by step (called stepping), to stop at a particular line of code when a breakpoint is encountered (breaking), and can enable the value of variables to be inspected when the program is at a breakpoint or while the program is running (inspection). Some debuggers can also modify program state while the program is running, in addition to observing and reporting on program state. Hence, debuggers can be very useful.
Debugger processes are typically provided with a relatively high level of privilege so that they are enabled to debug programs in this manner. However, this same functionality that enables a debugger to be useful for finding bugs also enables a debugger to be a useful software cracking tool that can be used to breach security, including retrieving sensitive information, evading copy protection, circumventing digital rights management, and so on. Thus, the privilege level that is provided to debugger processes must be carefully managed.
For instance, in some cases, it may be desirable to use a browser based application running at a client computer to debug an application at a server. However, applications running at a client computer typically do not have sufficient privilege to debug applications at the server. A large security issue would arise if applications running at a client did have sufficient privilege to debug applications at the server. To raise the privilege level of the client-based browser based application to a sufficient level to debug the server-based application, enabling software must typically be installed at the client computer. For example, a debug DLL (dynamic link library) or other form of debug API (application programming interface) configured to raise the privilege of the client computer-based application may need to be installed at the client computer. Such APIs may not be available for many applications. To gain access to such APIs, an application may need a user to install a more privileged debugging stack (e.g., Microsoft® ICorDebug) through a normal .MSI (Microsoft® Installer) or through referencing an ActiveX control, or may need to perform other complex processes.