Pointers and security

Hi,

I know that I can access a specific memory location, like this:
int * ptr = 0x11223355;
int value;
value = *ptr;


So what if I know there is a secret password or something in that location, and I am trying to steal it. Isn't this a security problem?
You can only read that memory location if the operating system thinks you should be able to.

If that memory location is not memory that has been allocated to your program, your program will not be able to read it.
So, I have to ask the operating system. Isn't there a way to access it? For example, the operating system itself is written in C too (most of the time); it doesn't have to ask another program which memory location it can access or not, right?
You don't really have direct contact with the computer... at least not on modern multitasking operating systems. Everything goes through the OS.

It has to be done this way in order for things to work. If every task had direct access to hardware, they would constantly be butting heads. Program A would be using memory allocated by program B and they'd be writing over each other's memory. Things drawn to window C would mess up what window D is doing. It all has to be managed.

So yes, if you want to access memory outside of what was allocated by your process, you will need to request from the OS.

For a very simplistic analogy... think of it this way.

The OS owns all the memory. It's as if it immediately allocated all of it with new[]. It then hands out small "sections" of that memory to each spawned process.

For example, the operating system itself is written in C too (most of the time); it doesn't have to ask another program which memory location it can access or not, right?


No, the OS doesn't need to check with any other program because it is in direct contact with the hardware.
I know that I can access a specific memory location, like this:

You can't initialize a pointer like that.
But the thing I don't get is: while being an ordinary C program, like the ones I wrote myself, an operating system has direct access to the computer, right? So, what prevents my program from doing the same thing? What prevents my program from just ignoring what the OS thinks about it, and reading from a memory location?
From the moment you run a program, it is in the hands of the OS.
You can't initialize a pointer like that.


Oh, cut him some slack. :)

He clearly meant int * ptr = (int*)0x11223355;
So, what prevents my program from doing the same thing? What prevents my program from just ignoring what the OS thinks about it, and reading from a memory location?

Your program does not know what memory is. Your program does not have any functions that allow it to quiz the RAM. When you ask for the contents of memory location 0x11223355, who is your program asking? The operating system.

How does your program even start running? The operating system prepares things, and then calls some functions that got jammed in there at link time, and then one of them calls the main function. Your entire program runs around in the space set aside for it by the operating system.

What has access to the hardware? The kernel. Is your program the kernel? No. Could the operating system allow your program access to everything? Yes, of course. It is in direct contact with the hardware. Will it do whatever your program asks? No. That's the way the OS has been written.

Generally, the value of the pointers you use won't have directly analogous bearing on physical memory anyway. Once upon a time, yes, but with a modern consumer OS? No. The memory your program gets is handed out by the operating system; the operating system will have its own records and could be using a completely different numbering system to actually quiz the RAM.
Your program does not know what memory is. Your program does not have any functions that allow it to quiz the RAM.


I know it has to be that way, and I now know it is that way. But what is in the kernel that allows it to quiz the RAM, that my program can't have? In theory, could I just open the source files of the Linux kernel, copy the parts that allow it to have access to actual physical memory, and be on my merry way? I guess what I am trying to say is, is the kernel some sort of virtual machine, and when my program runs, it doesn't have any idea which hardware it actually works on? Is it something like that?
The OS is running your program in a different environment than it itself is running in. So, no, you can't do that. It's like aliens flying a space ship, and then you taking the engine and trying to fly a plane with it.
Interesting topic but if you're worried about password security, they're not stored in RAM (that would be silly). Even if you could dig down through the OS layers to get directly to the hardware that is storing a password it would be a useless jumble of encrypted bits.
I am just trying to understand how stuff works together. Since I am not a computer engineering major, I don't have anyone to teach me that kind of stuff, so I am asking around. I am sorry if my questions sound too silly, I just really don't have a good grasp of the way operating systems work.