Problems with permissions on sockets.
Paul De Bra
debra at alice.UUCP
Fri Jul 27 07:37:03 AEST 1990
In article <1990Jul26.102810.4816 at hod.uit.no> arneme at sfd.uit.no writes:
>Last night something weird happend on one of our Unix machines (a Sun
>3/60 running SunOs 4.0.3) :
>
>The permissons on the device files /dev/kmem and /dev/mem was changed
>from 644 to 640. This resulted in that users running programs opening
>and reading either kmem or mem complained about it not working...
/dev/kmem and /dev/mem should never have been 644 in the first place.
Allowing any process to read kernel memory means that one can get a
process to peek at tty input buffers and things like that. (so any time
anyone types his password, whoops...)
Paul.
--
------------------------------------------------------
|debra at research.att.com | uunet!research!debra |
------------------------------------------------------
More information about the Comp.unix.wizards
mailing list