I was wondering - are there any known methods for controlling access to an object with shared memory from anywhere except an authorized program?
For example, you could say that I am creating a shared memory segment for use in the program P accessed by Q, and I am doing it Read-Write. I can access it using Q, because I gave him (Q) the necessary permissions for this (works as a specific user with groups, etc.).
However, I assume that there are times when someone can potentially access this shared memory from program R - just connect to it and change it. To stop this, you can make the memory segment read-only, but now the R program can still read what was in memory.
My question in parts is
Is there any way
a) allow only Q to access shared memory?
b) indicate whether it was read by someone other than Q, and who did it? [Is this possible?] For bonus points, can this be made cross-platform? [Probably not, but not trying any harm :)]
Under what circumstances can a fraud program connect to shared memory? I assume that one way is that the user can use the holes in the OS and become the user who launched the program. Any others?