The semaphores "protect" the shared memory only if all the programs using it are collaborating. I.e. It allows the program which wants to play nicely not to corrupt the shared objects.
The semaphores "protect" the shared memory only if all the programs using it are collaborating. I.e. It allows the program which wants to play nicely not to corrupt the shared objects.
This however doesn't guarantee that a malicious program will be able to jump in and corrupt the shared structures if it wants to. I don't know of any security-related features in C++ standard, therefore I would suggest to resort to OS-specific means. This means that you might need to have different code on Linux, Windows, Mac etc.(whichever are your target platforms), maybe even different code on different OS versions.
Yes, I alraedy have os-specific parts of code for different platforms as it is required because of different function calls for using shared mem and semaphores. Question is - what are the tricks to protect the memory/semaphore from being accidentaly accessed by other programs? – MiroJanosik Dec 17 '10 at 10:06 On Windows, you should look at SECURITY_ATTRIBUTES.
This structure is used in CreateSemaphore and CreateFileMapping (used for shared memory) – Vlad Dec 17 '10 at 10:13.
Nobody (within our life times) will ever come up with this {897917A3-D44E-4f0d-A458-1318152CCCDA} by chance. As for protection against malicious software, I'd utilize the security mechanisms in the operating system. Require services to run within the scope of some user, and then restrict access to external objects such as semaphores and shared memory to that user only.
As long as the security of that user isn't breached, then your system should be safe. On Windows you'd typically use the SECURITY_ATTRIBUTES structures when you create the semaphore and file mapping, and mode_t (with creat/open/chmod/etc) on Unix. Don't apply the method of security by obscurity, by making the names "hard to guess" and believe they are secret.
It will only help to not interfer with other applications on the same system. It will not stop malicious users/code, since the names of the object may not be a secret.
Thanks. Unfortunately I can't use GUID strings as on *nix I'm forced to use shmget() and semget() because of some limitations, and they accept key_t (which is int) as parameter. – MiroJanosik Dec 17 '10 at 14:09 Ah... I forgot about the semaphores in Unix.
I haven't worked with Unix since 2000 or so. Why don't you let one process randomly choose a free semaphore key, and store it in the shared memory. Then the other processes can acquire the semaphore handles through the shared memory.
Of course, you'd have to employ some locking mechanism that protects the other processes from race conditions when reading the semaphore keys. – Jörgen Sigvardsson Dec 17 '10 at 19:25.
I cant really gove you an answer,but what I can give you is a way to a solution, that is you have to find the anglde that you relate to or peaks your interest. A good paper is one that people get drawn into because it reaches them ln some way.As for me WW11 to me, I think of the holocaust and the effect it had on the survivors, their families and those who stood by and did nothing until it was too late.