Date: Mon, 17 Feb 2025 16:32:18 +0200
Amit, hackers attack the running process, which executes the machine
instructions, not the source code. At this point private, protected and
public are out of the picture. The compiler uses them to enforce what
source code is valid, but they are not present in the compiled code or in
the running process in any way, therefore they have absolutely no effect on
what a hacker can or can't do.
You say that you don't program in C++, and you demonstrate lack of even
basic knowledge of the language, yet you took the time to find this mailing
list, register, and post nonsense. I truly can't understand why people here
are so patient with you, when others with much better arguments for their
proposals and opinions are met with scathing rebuttals.
On Mon, Feb 17, 2025 at 4:13 PM Amit via Std-Discussion <
std-discussion_at_[hidden]> wrote:
> I am again saying that I had already agreed to it and till that time there
> was no acrimony.
>
> I am pasting my reply below. Please read the last line of my reply.
>
> -----------------------------
> I had read many times that hackers have taken control of a system by using
> a RCE (Remote Code Ececution) attack.
>
> So, they are also doing it from outside the process.
>
> The virtual table pointer is at the bottom of the C++ object structure.
> So, the virtual functions addresses can be changed to some other
> code/function address.
>
> But anyways, I just highlighted this. Its ok with me if there is no
> security issue because of this.
>
> Regards,
> Amit
> -----------------------------
>
> Ideally, the discussion should have stopped here after I agreed.
>
> But after that Tiago Freire wrote this:
>
> ----------------------
> In fact, this is not exclusive to C++, it’s been a thing in programming
> since before you were born.
> -----------------------
>
> Tiago Freire made an assumption and it was wrong and it offended me, so I
> repled back.
>
> If Tiago Freire wouldn't have wriiten about when I was born then we
> wouldn't have gotten into this mess.
>
> What's the need to get personal on a mailng list?
>
> Regards,
> Amit
>
>
>
> On Mon, Feb 17, 2025, 7:19 PM mauro russo via Std-Discussion <
> std-discussion_at_[hidden]> wrote:
>
>> Please, Amit, don't take It personally.
>>
>> Maybe, anyone might not be kind, but for sure I see Thiago is just trying
>> tò explain.
>>
>> This is not social media.
>>
>> However, again, from inside a process, in assembly, you can access
>> whatever you want in your memory, there is no OOP-protection at that level,
>> not even any security risk about that.
>> If an hacker has hands in the code (and this may happen... e.g. in open
>> source projects), this is not matter of programming language, but of
>> development process and SW lifecycle.
>> For your complain, you should ask to HW makers, or OS makers. But all
>> here believe that this would not make sense.
>> --
>> Std-Discussion mailing list
>> Std-Discussion_at_[hidden]
>> https://lists.isocpp.org/mailman/listinfo.cgi/std-discussion
>>
> --
> Std-Discussion mailing list
> Std-Discussion_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/std-discussion
>
instructions, not the source code. At this point private, protected and
public are out of the picture. The compiler uses them to enforce what
source code is valid, but they are not present in the compiled code or in
the running process in any way, therefore they have absolutely no effect on
what a hacker can or can't do.
You say that you don't program in C++, and you demonstrate lack of even
basic knowledge of the language, yet you took the time to find this mailing
list, register, and post nonsense. I truly can't understand why people here
are so patient with you, when others with much better arguments for their
proposals and opinions are met with scathing rebuttals.
On Mon, Feb 17, 2025 at 4:13 PM Amit via Std-Discussion <
std-discussion_at_[hidden]> wrote:
> I am again saying that I had already agreed to it and till that time there
> was no acrimony.
>
> I am pasting my reply below. Please read the last line of my reply.
>
> -----------------------------
> I had read many times that hackers have taken control of a system by using
> a RCE (Remote Code Ececution) attack.
>
> So, they are also doing it from outside the process.
>
> The virtual table pointer is at the bottom of the C++ object structure.
> So, the virtual functions addresses can be changed to some other
> code/function address.
>
> But anyways, I just highlighted this. Its ok with me if there is no
> security issue because of this.
>
> Regards,
> Amit
> -----------------------------
>
> Ideally, the discussion should have stopped here after I agreed.
>
> But after that Tiago Freire wrote this:
>
> ----------------------
> In fact, this is not exclusive to C++, it’s been a thing in programming
> since before you were born.
> -----------------------
>
> Tiago Freire made an assumption and it was wrong and it offended me, so I
> repled back.
>
> If Tiago Freire wouldn't have wriiten about when I was born then we
> wouldn't have gotten into this mess.
>
> What's the need to get personal on a mailng list?
>
> Regards,
> Amit
>
>
>
> On Mon, Feb 17, 2025, 7:19 PM mauro russo via Std-Discussion <
> std-discussion_at_[hidden]> wrote:
>
>> Please, Amit, don't take It personally.
>>
>> Maybe, anyone might not be kind, but for sure I see Thiago is just trying
>> tò explain.
>>
>> This is not social media.
>>
>> However, again, from inside a process, in assembly, you can access
>> whatever you want in your memory, there is no OOP-protection at that level,
>> not even any security risk about that.
>> If an hacker has hands in the code (and this may happen... e.g. in open
>> source projects), this is not matter of programming language, but of
>> development process and SW lifecycle.
>> For your complain, you should ask to HW makers, or OS makers. But all
>> here believe that this would not make sense.
>> --
>> Std-Discussion mailing list
>> Std-Discussion_at_[hidden]
>> https://lists.isocpp.org/mailman/listinfo.cgi/std-discussion
>>
> --
> Std-Discussion mailing list
> Std-Discussion_at_[hidden]
> https://lists.isocpp.org/mailman/listinfo.cgi/std-discussion
>
-- This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.
Received on 2025-02-17 14:32:28