Should kmem be read to the world?
Carl S. Gutekunst
csg at pyramid.pyramid.com
Tue Jun 27 15:44:35 AEST 1989
In article <856 at rex.cs.tulane.edu> mb at rex.cs.tulane.edu (Mark Benard) writes:
>We just noticed that w does not work. It returns the message "no kmem".
>Should /dev/kmem be made readable to the world or will that cause
>security problems?
Making /dev/kmem world readable is *definitely* a security problem. It looks
like someone has been careless when doing file copies or updates. As shipped,
the permissions on /dev/kmem are:
cr--r----- 1 root sys 3, 1 May 4 1988 /dev/kmem
and the permissions on the kmem-reader utilities are:
-rwxr-sr-x 1 bin sys 61440 Apr 29 1988 /bin/ps
-rwxr-sr-x 1 bin sys 45056 Apr 14 1988 /etc/pstat
-rwxr-sr-x 1 bin sys 32768 Apr 13 1988 /usr/ucb/vmstat
etc.
<csg>
More information about the Comp.sys.pyramid
mailing list