On 20/02/24 07:56, Mike Sanders wrote:
> Just thinking aloud... Imagining here allowing more advanced users of
> my app to modify a string of digits residing at the end of my project's
> binary/exe. When the app loads, it reads in those digits. So far (knock
> on wood), I've not run up against a single case where the code below has
> failed to work under multiple OSs. A method mostly for power user's.
>
> The user simply opens the compiled project in their favorite hex editor
> & modifies the pre-existing string, a pseudo bitmask of sorts. Certainly
> the user could unwittingly add/remove bytes rather than only modifying the
> bytes, still its a nifty idea. But practical? I'm not so sure on that point.
>
> Any other gotchas of note?

If they can only modify bytes, not add or remove, you can just put some
bytes anywhere in your code and the user can find them modify them with
a hex editor. You don't need to do anything special to allow someone to
modify a file in their possession.

immibis <news@immibis.com> wrote:

> If they can only modify bytes, not add or remove, you can just put some
> bytes anywhere in your code and the user can find them modify them with
> a hex editor. You don't need to do anything special to allow someone to
> modify a file in their possession.

Thanks for your input, I appreciate it.

--
:wq
Mike Sanders

On Sun, 25 Feb 2024 14:54:35 -0800, Keith Thompson
<Keith.S.Thompson+u@gmail.com> wrote:

> porkchop@invalid.foo (Mike Sanders) writes:
> > Keith Thompson <Keith.S.Thompson+u@gmail.com> wrote:
> >> It's recommended *not* to include the current directory in $PATH.
> >
> > I've been thinking about that very thing in fact. It renders my
> > idea of a binary reading a few bytes from its-self all but dead.
> > I wont subvert a given security model for a configuration flag
> > or two...
> >
> > But there you have it, a wonky idea, I've got plenty of them.
>
> Under Linux, a program can find its executable via /proc/$$/exe .

YM sprintf(buf, "/proc/%d/exe", getpid()) // or if paranoid snprintf
because substituting for $$ is a feature of shell and perl only. But
/proc/self/exe works in anything.

dave_thompson_2@comcast.net wrote:

> YM sprintf(buf, "/proc/%d/exe", getpid()) // or if paranoid snprintf
> because substituting for $$ is a feature of shell and perl only. But
> /proc/self/exe works in anything.

For Linux, sure. But the BSDs & Apple & Win...

Reading itsself, its real self, seems to me to be the only
cross platform way.

--
:wq
Mike Sanders

On Sat, 02 Mar 2024 01:10:09 +0000, Mike Sanders wrote:

> dave_thompson_2@comcast.net wrote:
>
>> YM sprintf(buf, "/proc/%d/exe", getpid()) // or if paranoid snprintf
>> because substituting for $$ is a feature of shell and perl only. But
>> /proc/self/exe works in anything.
>
> For Linux, sure. But the BSDs & Apple & Win...
>
> Reading itsself, its real self, seems to me to be the only
> cross platform way.

Perhaps, but there seems to be no cross-platform way for a program
to determine the "itself" to read.

--
Lew Pitcher
"In Skills We Trust"

Lew Pitcher <lew.pitcher@digitalfreehold.ca> wrote:

>> For Linux, sure. But the BSDs & Apple & Win...
>>
>> Reading itsself, its real self, seems to me to be the only
>> cross platform way.
>
> Perhaps, but there seems to be no cross-platform way for a program
> to determine the "itself" to read.

Another thing too Lew... what if there is *no* path (for instance
something like a small controller/embedded environment)? It couldn't
find itsself in any event then I'm thinking.

--
:wq
Mike Sanders

Spiros Bousbouras <spibou@gmail.com> wrote:

> Which may be the wrong order. Regardless of the overall merits of your idea ,
> it should mimic as close as possible how the system finds executables. This
> means not search in the current directory unless the appropriate constructs
> exist in PATH and search the components in the same order as they appear in
> PATH .This implies recognising :: in PATH and my point is that using
> strtok() (apart from its other issues) makes it harder to do this.

Yes, sounds like good advice to me Spiros.

--
:wq
Mike Sanders