Date: Wed, 07 Jun 2006 18:24:56 +0300 From: Tofik Suleymanov <tofik@oxygen.az> To: James Riendeau <jtriende@wisc.edu> Cc: freebsd-stable@FreeBSD.ORG Subject: Re: reading process memory Message-ID: <4486EFC8.6080601@oxygen.az> In-Reply-To: <ED5EC8BD-0A92-4D73-BC01-48FD930311FF@wisc.edu> References: <4486A111.6020300@oxygen.az> <ED5EC8BD-0A92-4D73-BC01-48FD930311FF@wisc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
James Riendeau wrote: > How are you defining "assuming right privileges"? assuming uid 0 > The only way you're going to be able to read another processes > address space is in the kernel.Even a process running as root is not > able to read another process's data. how does gdb then reads for example different variables of running program ? > One of the principle responsibilities of the OS is to manage the > private memory space of each process, and I emphasize private. The > last thing you would want on a secure system is the ability of other > processes to read or write to another process's address space.Even a > parent process should not be able to read a child's address space, as > the fork logically duplicates their address space and they go their > separate ways. An attempt to read another processes address space > should trap to the kernel and the kernel should kill the process > immediately. There is one exception to this: you can setup a pipe or > memory share between two processes, however, both processes have to > agree to share some memory or connect via a pipe. I'm not going to > give you a howto via email as the subject usually fills a solid > chapter in most OS books. Thank you for brief and altogether extensive explanation of the case.The thing i wanted to do is to read let's say portions of memory where .bss and .data block of a running program reside. is that possible ? Sincerely, Tofik Suleymanov
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4486EFC8.6080601>