/proc filesystem
Is a pseudo-filesystem which provide an interface to kernel data structure.
Linux provides a /proc file system. which consist of a set of directories and files mounted under the /proc directory. This presents information about process and other system information in a hierarchical file-like structure, proving a more convenient accessing process data int the kernel memory.
In addition, a set of directories with names of the form /proc/PID, where PID is a process ID, allows us to view information about each process running on the system. “ Linux Programming Inteface — Michael Kerrisk”.
To understand this files is important to know how work the process and memory management.
The next files will be used to create a example:
/proc/[pid]/maps
Memory maps to executable and library files.
A file containing the currently mapped memory regions and their access permissions.
/proc/mem
Summary of how the kernel is managing the memory of machine.
Example:
Creating a process on machine allocating a string “Holberton” on heap of memory.
execute program:
this create a new process with PID:1947 CMD: Holberton
Immediately, this number process is open in /proc file like a directory.
If open this directory will find different files and between this maps.
in mem is allocate a string and with help of maps is possible to see address memory permission , and path etc.
in this case we need to find what there is in [heap]:
and scanning mem file we can find the string and modify it.
However a process must be privileged to modify the content of file.
Bibliography:
https://www.kernel.org/doc/Documentation/filesystems/proc..txt
Man proc
Linux Programming Inteface — Michael Kerrisk
