Advanced Mac OS X Rootkits.pdf - Reverse Engineering Mac OS X
Advanced Mac OS X Rootkits.pdf - Reverse Engineering Mac OS X
Advanced Mac OS X Rootkits.pdf - Reverse Engineering Mac OS X
- No tags were found...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Mac</strong>h Tasks vs. BSD Processes• <strong>Mac</strong>h Tasks own Threads, Ports, and Virtual Memory• BSD Processes own file descriptors, etc.• BSD Processes <strong>Mac</strong>h Task– task_for_pid(), pid_for_task()• P<strong>OS</strong>IX Thread != <strong>Mac</strong>h Thread– Library functions use TLS BSD Process<strong>Mac</strong>hThread<strong>Mac</strong>hThread<strong>Mac</strong>h Task<strong>Mac</strong>h Portnamespace...<strong>Mac</strong>hThreadVirtual Memory(mapping, permissions,memory regions)11