如何在linux下挂钩进程的消息? [英] how to hook message of a process under linux?
本文介绍了如何在linux下挂钩进程的消息?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
hi
在windows下挂钩很容易,但如何在linux下挂钩。我想在linux下挂钩进程的消息,你能给我一些帮助吗?
-kkklko
hi
hook under windows is easy,but how to hook under linux.I want to hook messages of a process under linux,could you give me some help?
-kkklko
推荐答案
不仅一般情况下不一定可行,但问题根本没有意义。首先,即使是Windows进程也可能没有任何消息;至于Linux,没有一个类似于Windows消息的概念。通常,Linux具有比Windows混合内核更小,更独特的内核,并且UI消息不是内核的一部分。
(比较:
http://en.wikipedia.org/wiki/Hybrid_kernel [ ^ ],
http://en.wikipedia.org/wiki/Linux_kernel [ ^ ],
http:// en.wikipedia.org/wiki/Monolithic_kernel [ ^ ]。)
此外,将代码注入到另一个进程的消息处理中是一种特定于Windows的历史废话。从历史上看,Windows在DOSOS上出现了一个shell,没有任何进程隔离支持。任何进程都可以自由直接访问任何其他进程的内存。不同的进程可以通过彼此发送消息来进行通信,这些消息旨在组织单个进程的面向公平的UI。后来,i386 CPU的保护模式和分页(NT,新技术)引入并支持进程的隔离存储空间。但是,出于兼容性原因,所有消息,进程之间通过发送/发布消息和消息处理(Windows函数)挂钩之间的通信仍然存在,并且实际上可以在最新版本的Windows中使用。然而,用于IPC的所有这些技术远离OS演变的总体线;我强烈反对使用它们。难怪,Linux与这种情况相差甚远。
-SA
Not only it is not in general case possible, but the question makes no sense at all. First of all, even Windows processes may not have any messages; as to Linux, there is no a single concept analogous to Windows "message". Generally, Linux has much smaller and much more distinct kernel then Windows "hybrid" kernel, and UI "messages" is not a part of the kernel.
(Compare:
http://en.wikipedia.org/wiki/Hybrid_kernel[^],
http://en.wikipedia.org/wiki/Linux_kernel[^],
http://en.wikipedia.org/wiki/Monolithic_kernel[^].)
Moreover, the injection of the code into the message processing of another process is a kind of Windows-specific historical nonsense. Historically, Windows emerged as a shell over the DOS "OS", without any support of process isolation. Any process could freely and directly access memory of any other process. Different processes could communicate by sending messages to each other, same very messages designed to organize the even-oriented UI of the single process. Later on, isolated memory spaces for processes was introduces and supported by the protected mode and paging of i386 CPUs (NT, "New Technology"). However, for compatibility reasons, all messages, communications between processes via sending/posting messages and message handling (Windows Function) hooking survived and can actually be used in the newest versions of Windows. Nevertheless, all such techniques used as IPC lie far away from the general line of OS evolution; and I would strongly discourage the use of them. No wonder, Linux is pretty far from this situation.
—SA
这篇关于如何在linux下挂钩进程的消息?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
