From owner-freebsd-stable@FreeBSD.ORG Wed Jun 7 17:47:50 2006 Return-Path: X-Original-To: freebsd-stable@FreeBSD.ORG Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C087C16E3DA for ; Wed, 7 Jun 2006 15:25:18 +0000 (UTC) (envelope-from tofik@oxygen.az) Received: from mail.azerin.com (mail.azerin.com [212.47.128.23]) by mx1.FreeBSD.org (Postfix) with SMTP id 6CABA43D48 for ; Wed, 7 Jun 2006 15:25:14 +0000 (GMT) (envelope-from tofik@oxygen.az) Received: (qmail 45116 invoked from network); 7 Jun 2006 15:25:20 -0000 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on ml350.azerin.com X-Spam-Level: X-Spam-Status: No, score=-2.4 required=5.0 tests=AWL,BAYES_00, UNPARSEABLE_RELAY autolearn=ham version=3.1.1 Received: from qmail by qscan (mail filter); 7 Jun 2006 15:25:20 +0000 Received: from unknown (HELO ?212.47.129.5?) (212.47.129.5) by mail.azerin.com with SMTP; 7 Jun 2006 15:25:20 -0000 Message-ID: <4486EFC8.6080601@oxygen.az> Date: Wed, 07 Jun 2006 18:24:56 +0300 From: Tofik Suleymanov User-Agent: Thunderbird 1.5.0.2 (X11/20060425) MIME-Version: 1.0 To: James Riendeau References: <4486A111.6020300@oxygen.az> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-stable@FreeBSD.ORG Subject: Re: reading process memory X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Jun 2006 17:47:58 -0000 James Riendeau wrote: > How are you defining "assuming right privileges"? assuming uid 0 > The only way you're going to be able to read another processes > address space is in the kernel.Even a process running as root is not > able to read another process's data. how does gdb then reads for example different variables of running program ? > One of the principle responsibilities of the OS is to manage the > private memory space of each process, and I emphasize private. The > last thing you would want on a secure system is the ability of other > processes to read or write to another process's address space.Even a > parent process should not be able to read a child's address space, as > the fork logically duplicates their address space and they go their > separate ways. An attempt to read another processes address space > should trap to the kernel and the kernel should kill the process > immediately. There is one exception to this: you can setup a pipe or > memory share between two processes, however, both processes have to > agree to share some memory or connect via a pipe. I'm not going to > give you a howto via email as the subject usually fills a solid > chapter in most OS books. Thank you for brief and altogether extensive explanation of the case.The thing i wanted to do is to read let's say portions of memory where .bss and .data block of a running program reside. is that possible ? Sincerely, Tofik Suleymanov