3b1 security and removal of ua
Norman Yarvin
yarvin-norman at cs.yale.edu
Fri Apr 12 11:22:36 AEST 1991
>You might be able to close this hole by securing(sp?) /dev/error,
The security hole is caused by smgr, which reads /dev/error and puts up the
icon. It can't be closed by not running smgr as root, since smgr needs to
run as root to perform the functions of cron. It can be closed by not
running smgr, and instead running Mike Ditto's 'errdemon', which reads
/dev/error and writes entries to a log file.
--
Norman Yarvin yarvin-norman at cs.yale.edu
More information about the Comp.sys.3b1
mailing list