reading process memory

Tofik Suleymanov tofik at
Wed Jun 7 17:47:58 UTC 2006

James Riendeau wrote:
> How are you defining "assuming right privileges"?
assuming uid 0

>   The only way you're going to be able to read another processes 
> address space is in the kernel.Even a process running as root is not 
> able to read another process's data.
how does gdb then reads for example different variables of running 
program ?
>   One of the principle responsibilities of the OS is to manage the 
> private memory space of each process, and I emphasize private.  The 
> last thing you would want on a secure system is the ability of other 
> processes to read or write to another process's address space.Even a 
> parent process should not be able to read a child's address space, as 
> the fork logically duplicates their address space and they go their 
> separate ways.  An attempt to read another processes address space 
> should trap to the kernel and the kernel should kill the process 
> immediately.  There is one exception to this:  you can setup a pipe or 
> memory share between two processes, however, both processes have to 
> agree to share some memory or connect via a pipe.  I'm not going to 
> give you a howto via email as the subject usually fills a solid 
> chapter in most OS books.
Thank you for brief and altogether extensive explanation of the case.The 
thing i wanted to do is to read let's say portions of memory where .bss 
and .data block of a running program reside.

is that possible ?

Tofik Suleymanov

More information about the freebsd-stable mailing list