{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 再贱就再见 的问题《Parsing /proc/maps? [closed]》','https://www.manongdao.com/q-1161266.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I wrote the following code in C. What I have done so far is open the proc directory and read the processes inside - dictories that did not consist of numerical characters were simply disregarded as I only want to look at the numeric directories. What I want to do is to print the PID of all the processes in the proc directory that have read and write permissions. My question is how can I extract the permissions of a process from the proc/.../maps file?
Here is a snippet of my code where I am having trouble:
sprintf(buf, "/proc/%d/maps", tgid->d_name);
file = fopen(buf, "r");
while (fgets(buf, sizeof(buf), file)) {
sscanf(buf, "%x-%x %4c %x %x:%x", &from, &to, flags, &offset, &major, &minor);
}
fclose(file);
if (flags[0] == 'r' && flags[1] == 'w') {
printf("%d\n", tgid->d_name);
}
A process is an abstraction provided by some operating system. It makes no sense to speak of a "readable" process (or a "writable" one), or one with "read" permissions or "write" permissions, since it is about file system permissions. A process is not a file, and its
/proc/1234/directory is just a view into that process given by the kernel. A process is using file descriptors to access files (and you might scan its/proc/1234/fd/directory).The proc(5) file system is a pseudo file system specific to Linux. The
/proc/$pid/mapsis a textual view showing the virtual address space of a process. You can read that pseudo-file sequentially.To change its virtual address space, a Linux process would use system calls like execve(2) (which initializes a fresh virtual address space for a new program), mmap(2) and
munmap, mprotect(2), etc...To scan a directory (such as
/proc/1234/fd/or even/proc/) programmatically, use opendir(3) withclosedirafter having looped on readdir(3) (you'll probably also use stat(2) on a file path that you have constructed) You could use nftw(3) in some cases.Read also Operating Systems: Three Easy Pieces to get a broad view about OSes.
after edit
That has no sense. A process don't have permissions, but it does have credentials(7) (which define what file accesses are permitted to the process). You may parse
/proc/1234/statusto find the credentials of process of pid 1234 (in particular, the lines starting withUid:andGid:from that pseudo-file).Read some good Linux programming book, perhaps the old ALP. Read also syscalls(2), execve(2), inode(7), path_resolution(7) and also the failure cases of file related system calls such as open(2), read(2), etc... (so also errno(3)). Take time to read carefully proc(5).
You cannot extract such information from that file. The
/proc/1234/mapspseudo-file describes the virtual address space of process 1234. The credentials are given (with other status information) in/proc/1234/status. And it makes no sense to speak of the permissions of a process.I don't know what exactly you're trying to do, but your program certainly doesn't do it.
Here's what your program does:
/proc/1234/mapswhere 1234 is the process's own PID.flagsand other variables.flags, which was collected from the last (matching) line.So:
mapsfile. On x86_64 at least, this is the vsyscall area, which contains code and therefore is executable but not writable.I won't offer a way to fix your program since I don't know what you want it to do. Saying “have read and write permissions” is incomplete: permissions over what?