in reply to Re: Re: May Thy Closures Be Blessed
in thread May Thy Closures Be Blessed

I know it's possible to dig into someone else's lexical scope, but it's far more difficult than doing $obj->{foo}. Ultimately, I can't do anything to stop someone from tralling through /dev/mem or the equivilent on another system.
It may be useful to point this out to Java users sometimes. Java's privacy rules have been successfully violated in the past using that loophole - everything is public at some point.

  • Comment on Re: Re: Re: May Thy Closures Be Blessed

Replies are listed 'Best First'.
Re: Re: Re: Re: May Thy Closures Be Blessed
by ambrus (Abbot) on Apr 26, 2004 at 20:43 UTC

    You can't use /dev/mem if you're not root; but fortunately there's a simpler interface to read the memory of process: ptrace.

    For those who don't already know. Ptrace is the system call on linux and many other unixes that debuggers such as gdb and strace use. With ptrace any process can inspect any other process that is running under the same uid (provided that the other process is not setuid or setgid; root can ptrace any process but init). You can trace system calls and signals, read or write the virtual address space and registers of the traced process. You can single-step a process by setting the single-step flag of the processor, and catching the generated SIGTRAP signals with ptrace.