mb@rex.cs.tulane.edu (Mark Benard) (06/27/89)
We just noticed that w does not work. It returns the message "no kmem". Should /dev/kmem be made readable to the world or will that cause security problems? (We are running OSx4.4 on a 9815.) -- Mark Benard Department of Computer Science INTERNET & BITNET: mb@rex.cs.tulane.edu Tulane University USENET: [{ames,bionet}!]rex!mb New Orleans, LA 70118
karl@giza.cis.ohio-state.edu (Karl Kleinpaste) (06/27/89)
mb@rex.cs.tulane.edu writes:
We just noticed that w does not work. It returns the message "no kmem".
Should /dev/kmem be made readable to the world or will that cause
security problems?
That will cause security problems; the intelligent cracker will learn
all kinds of fascinating things by reading /dev/kmem.
We define a group "devkmem" with no members, and then chgrp all memory
devices to this group, and in turn chgrp and chmod g+s all the
memory-reading programs (ps, w, top, etc) so that they retain their
well-behaved access.
--Karl
csg@pyramid.pyramid.com (Carl S. Gutekunst) (06/27/89)
In article <856@rex.cs.tulane.edu> mb@rex.cs.tulane.edu (Mark Benard) writes: >We just noticed that w does not work. It returns the message "no kmem". >Should /dev/kmem be made readable to the world or will that cause >security problems? Making /dev/kmem world readable is *definitely* a security problem. It looks like someone has been careless when doing file copies or updates. As shipped, the permissions on /dev/kmem are: cr--r----- 1 root sys 3, 1 May 4 1988 /dev/kmem and the permissions on the kmem-reader utilities are: -rwxr-sr-x 1 bin sys 61440 Apr 29 1988 /bin/ps -rwxr-sr-x 1 bin sys 45056 Apr 14 1988 /etc/pstat -rwxr-sr-x 1 bin sys 32768 Apr 13 1988 /usr/ucb/vmstat etc. <csg>