- Forum
- General C++ Programming
- C++ Compilers
C++ Compilers
Hello Masters,
Greetings!
I'm reading the comparison between c++ and c#, and i found that c++ will let you do almost anything provided the syntax is right. it is flexible language but you can cause some real damage to the OS. can you please explain if that is true? and provide an example please?
Thanks in advance!
Jbohol
Greetings!
I'm reading the comparison between c++ and c#, and i found that c++ will let you do almost anything provided the syntax is right. it is flexible language but you can cause some real damage to the OS. can you please explain if that is true? and provide an example please?
Thanks in advance!
Jbohol
If your program uses up too much memory so that it runs out of RAM and has to swap things to the hard drive it can make everything run extremely slow. This will not only affect your program but also the OS and all other programs.
> it is flexible language but you can cause some real damage to the OS. can you please explain if that is true?
We can only damage what we can directly access/modify. In general, we can't do any damage to a robust, well written OS unless our program is running under elevated privileges / access rights (the same privileges and access rights as the OS itself).
If we are reasonable people, none of our normal C++ programs would be running at these levels; there would be no danger to the OS from a programming mistake in a typical C++ program that we may write.
We may be able to lock up a system on which quota limits have not been enforced; put all processors into an infinite loop at real-time priority, eat up all the available disk space or memory, flood the network with spurious traffic etc. Even in this case, there would be no permanent, irreparable damage: a reboot would restore sanity.
We can only damage what we can directly access/modify. In general, we can't do any damage to a robust, well written OS unless our program is running under elevated privileges / access rights (the same privileges and access rights as the OS itself).
If we are reasonable people, none of our normal C++ programs would be running at these levels; there would be no danger to the OS from a programming mistake in a typical C++ program that we may write.
We may be able to lock up a system on which quota limits have not been enforced; put all processors into an infinite loop at real-time priority, eat up all the available disk space or memory, flood the network with spurious traffic etc. Even in this case, there would be no permanent, irreparable damage: a reboot would restore sanity.
I was reading from a french website on linux bash command.
https://openclassrooms.com/courses/
where if you will pardon my French and if I may quote :
" NON NON NON NE FAITES JAMAIS CA !!! => rm -rf /* "
this command could be sent to the OS using administrative ( ROOT) rights.
I was responding to the OP lastchance and his contribution of : " system( "delete *.*" ); "
Sorry, this is way off-topic,
Michel Chassey
https://openclassrooms.com/courses/
where if you will pardon my French and if I may quote :
" NON NON NON NE FAITES JAMAIS CA !!! => rm -rf /* "
this command could be sent to the OS using administrative ( ROOT) rights.
I was responding to the OP lastchance and his contribution of : " system( "delete *.*" ); "
Sorry, this is way off-topic,
Michel Chassey
define true :)
you can't do a lot of things anymore (I am really old). You can no long, for example, do this:
int * ip = 1;
memcpy(ip, viruscode, viruscodelength);
which would try to write to the operating system area of ram and inject a virus.
Modern OS notice this and put a stop to it, crashing and telling you that you don't have access to that memory.
you can't wipe the system folder on windows, because the OS blocks that and even restores files if damaged or missing. Unix may still let you if you run as root user when testing your code, which is like one of the first things you learn not to do (either by being told, or the hard way).
so, the reality is probably best summed up like this:
c++ can do anything that can be done on the computer but some things may be blocked by the OS or virus/security software and other watchdogs.
Any language that allows OS system calls can do damage.
Any language that allows writing/overwriting of files can do damage.
Any language that allows pointers can do damage if allowed.
Any language with networking access can do damage.
to put in in perspective, a shell script or batch file can wreck your system, and those are just text files.
basically, most full languages can do damage; the very limited scripting languages for web pages can't do much (thankfully).
you can't do a lot of things anymore (I am really old). You can no long, for example, do this:
int * ip = 1;
memcpy(ip, viruscode, viruscodelength);
which would try to write to the operating system area of ram and inject a virus.
Modern OS notice this and put a stop to it, crashing and telling you that you don't have access to that memory.
you can't wipe the system folder on windows, because the OS blocks that and even restores files if damaged or missing. Unix may still let you if you run as root user when testing your code, which is like one of the first things you learn not to do (either by being told, or the hard way).
so, the reality is probably best summed up like this:
c++ can do anything that can be done on the computer but some things may be blocked by the OS or virus/security software and other watchdogs.
Any language that allows OS system calls can do damage.
Any language that allows writing/overwriting of files can do damage.
Any language that allows pointers can do damage if allowed.
Any language with networking access can do damage.
to put in in perspective, a shell script or batch file can wreck your system, and those are just text files.
basically, most full languages can do damage; the very limited scripting languages for web pages can't do much (thankfully).
Hello,
I was asked to explain my post but friend jonnin did it very succinctly.
I don't know about writung to RAM, but the shell command I mentioned will not test anything, and if
executed will leave you with a very empty hard drive, and add some years to your life.
man rm gives you this answer : "rm - remove files or directories"
the " f " option means : ignore nonexistent files and arguments, never prompt
and " / " is your c: main directory, so start blotting out everything starting " there ".
If you ask, I will " rm " this post :)
Michel Chassey
I was asked to explain my post but friend jonnin did it very succinctly.
I don't know about writung to RAM, but the shell command I mentioned will not test anything, and if
executed will leave you with a very empty hard drive, and add some years to your life.
man rm gives you this answer : "rm - remove files or directories"
the " f " option means : ignore nonexistent files and arguments, never prompt
and " / " is your c: main directory, so start blotting out everything starting " there ".
If you ask, I will " rm " this post :)
Michel Chassey
writing to ram is a relic from a very long time ago. Nothing lets you do that anymore, maybe the smallest embedded systems that still use that dos-on-a-chip thing if those still exist... ?
Way, way back when you could dump executable code into memory and it would get hit and executed if you knew where to put it. This was as beneficial as it was risky; I had a program that let you edit any memory location and used it to heal myself or add lives etc in games as a kid. C++ will still let you do this... its trivial, just make a pointer, assign it the ram address where you want it, and dump machine language there (which you can lift from your own malicious program that you write first, you don't have to cook it). But no OS that is younger than I am is going to tolerate this; it will crash your program out and tell you to knock it off.
Way, way back when you could dump executable code into memory and it would get hit and executed if you knew where to put it. This was as beneficial as it was risky; I had a program that let you edit any memory location and used it to heal myself or add lives etc in games as a kid. C++ will still let you do this... its trivial, just make a pointer, assign it the ram address where you want it, and dump machine language there (which you can lift from your own malicious program that you write first, you don't have to cook it). But no OS that is younger than I am is going to tolerate this; it will crash your program out and tell you to knock it off.
Topic archived. No new replies allowed.