Kmem security (was: Re: How do you make your UNIX crash ???)
Chris Torek
torek at elf.ee.lbl.gov
Fri Mar 22 18:35:34 AEST 1991
In article <601 at minya.UUCP> jc at minya.UUCP (John Chambers) writes:
>There have been some claims that getting passwords from the kernel is
>"easy". I'd like to see an example of how easy it is. It strikes me
>as being not very easy at all.

It is not `easy' in the sense of being trivial, but it is not all
that difficult, either: back in the days of 4.1BSD, at the University
of Maryland, we had a student% who wrote a little `kmem reading'
program that scanned clists.

>The serial-port clists are especially tricky to read out of kmem,
>because the data structures change so fast.

The forementioned program did exactly that, with a success rate running
around 80 to 90 percent. That is, it usually lost 1 or 2 out of every
ten characters.

>Note that I'm not saying it can't be done; I'm just questioning how
>easy it is to get anything useful this way.

Said student certainly got a number of useful tidbits... plus a number
of wrist-slappings. :-)
-----
% No, it was not me. *My* days were in high school. :-)
--
In-Real-Life: Chris Torek, Lawrence Berkeley Lab CSE/EE (+1 415 486 5427)
Berkeley, CA Domain: torek at ee.lbl.gov
More information about the Comp.unix.admin
mailing list