How do you make your UNIX crash ???

John Chambers jc at minya.UUCP
Fri Mar 15 13:14:07 AEST 1991 

In article <JC.91Mar12232818 at raven.bu.edu>, jc at raven.bu.edu (James Cameron) writes:
> >>>>> On 12 Mar 91 23:45:37 GMT, ronnie at mindcraft.com (Ronnie Kon) said:
> 
> RK> May I suggest that posting ways of crashing machines may not be the best of
> RK> ideas?
> RK> 				Ronnie
> 
> I would like to second the suggestion.  Why would anyone really want
> to know HOW to crash it, unless they WANTED to crash it? 

Jeez, do we have to go through this "Don't tell them about problems; 
they'll just try to exploit them" argument yet again?

There's a very simple and practical explanation.  Some of us are trying
to provide robust, secure, etc. releases of systems.  If nobody tells
us about the problems, how do you expect us to ever fix them?

Keeping us ignorant of the problems is NOT the solution.

This is a professional Unix administrators' bulletin board; it's hard to
imagine a better place to post ways of damaging a Unix system.  There's 
also comp.unix.internals, if you want another good place.  (But telling
the administrators will likely get faster results. :-)

It'd also help if, rather than being insulting, people would followup
with ways to correct the problem.  One is the following permissions:
	cr--r-----   1 root  kmem   2,  1 Sep 20  1989 /dev/kmem
	-r-xr-sr-x   2 root  kmem   10038 Sep 20  1989 /bin/df
	-r-xr-sr-x   1 root  kmem   21810 Sep 20  1989 /bin/ps
and similarly for any other program that needs to read kmem.  Many
Unix systems come without the kmem group, and often have programs
like ps that are setuid-root.  This in general isn't the right way
to do it.  There should be as few setuid-root programs as possible,
because of the problems with bugs and undocumented features.  It
is almost always possible to use setgid instead of setuid, giving
much better security.

One gotcha in the above:  On some systems (Convex is one), ps must
be left setuid-root, because it checks its euid, and if it isn't a
super-user, it refuses to work.  I found this the hard way, trying
to do the above, and had to put ps back as I found it.  Sigh.

-- 
All opinions Copyright (c) 1991 by John Chambers.  Inquire for licensing at:
Home: 1-617-484-6393 
Work: 1-508-486-5475
Uucp: ...!{bu.edu,harvard.edu,ima.com,eddie.mit.edu,ora.com}!minya!jc

More information about the Comp.unix.admin mailing list