Bugtraq mailing list archives

Re: /dev/{km,m}em worries

From: bogstad () blaze cs jhu edu (Bill Bogstad)
Date: Tue, 17 May 1994 17:28:48 -0400

Also, be aware that /etc/crash is setgid kmem and allows you to fork
a shell and DOES NOT reset the group id for that shell.  So even if
your /dev/kmem is set properly to mode 640, if users can run /etc/crash,
they can still do this.

My solution was simply chmod 700 /etc/crash on all my systems.   Root
is the only one that needs it anyway....


        Sun patch 100103-XX is a shell script which when run fixes this and
other similar permissions problems on various files and directories.  The
current version (ftpable from Sun) is 100103-12.  You might want to check
what this script does before you run it, but it probably provides a good
pointer at things you should examine.  For example, we have decided locally
to make the /dev/*fd* world readable/writable.

                                Bill Bogstad

Current thread:

/dev/{km,m}em worries rickt () gnu ai mit edu (May 17)
- Re: /dev/{km,m}em worries Rob Quinn (May 17)
- <Possible follow-ups>
- Re: /dev/{km,m}em worries H Morrow Long (May 17)
- Re: /dev/{km,m}em worries Bruce Barnett (May 17)
- Re: /dev/{km,m}em worries der Mouse (May 17)
- Re: /dev/{km,m}em worries Jim Thompson (May 17)
  - Re: /dev/{km,m}em worries (now crash ) Chris Phillips (May 18)
- Re: /dev/{km,m}em worries Pete Hartman (May 17)
  - Re: /dev/{km,m}em worries Bill Bogstad (May 17)
- Re: /dev/{km,m}em worries Jim Thompson (May 17)
- Re: /dev/{km,m}em worries der Mouse (May 17)