Agents run in the same process with and communicate directly with the virtual machine executing the application being examined. This communication is through a native interface (JVM TI). The native in-process interface allows maximal control with minimal intrusion on the part of a tool. Typically, agents are relatively compact. They can be controlled by a separate process which implements the bulk of a tool's function without interfering with the target application's normal execution.
# 1 楼答案
一种可能的具体方法是:攻击者通过JVM TI加载本机代理
# 2 楼答案
具有与所讨论的进程相同权限的攻击者始终能够通过足够的努力提取或注入所需的任何数据
这适用于在共享安全上下文中运行的所有软件,而不仅仅是JVM
如果我们不是在谈论强大的安全性,而是更多地谈论可能会减慢攻击者速度的障碍和混淆,那么答案仍然是否,JVM通常提供大量的内省和检测接口,如果您已经有权访问它,则可以在运行时轻松地以安全的方式修改它