Kmem security (was: Re: How do you make your UNIX crash ???)
Dave Turner
dmturne at PacBell.COM
Fri Apr 5 06:24:46 AEST 1991
In article <638 at minya.UUCP> jc at minya.UUCP (John Chambers) writes:
.In article <1991Mar24.203327.18426 at ttank.ttank.com>, tts at ttank.ttank.com (Karl Bunch) writes:
.> In <601 at minya.UUCP> jc at minya.UUCP (John Chambers) writes:
.> >There have been some claims that getting passwords from the kernel is
.> >"easy". I'd like to see an example of how easy it is. It strikes me
.> >as being not very easy at all. Well, sure, I can read all of kmem into..
.>
.> Try this.. Login as root:
.>
.> time strings /dev/kmem | grep rootpassword | wc -l
.>
.> You'll be surprised.
.
.I tried it; I wasn't at all surprised. It gave me no output at all.
.What was it supposed to do? This is a Sys/V.3 system. I tried it
I'd be surprised if at least one user didn't learn your rootpassword
by typing a ps (ps -ef on system v) while you were running this command.
The security exposure of running a grep with root's clear password is
much greater than someone getting it from /dev/kmem.
--
Dave Turner 415/823-2001 {att,bellcore,sun,ames,decwrl}!pacbell!dmturne
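
The exposure described in the reply above, as an added example that is not part of the original post: a pattern given to grep on the command line is readable from the process table for as long as grep runs, while a pattern read from a mode-0600 file is not. Assumptions: Linux, where ps takes its data from /proc/<pid>/cmdline; SECRET is a constructed placeholder; all function names are hypothetical.

```python
import os
import subprocess
import tempfile

SECRET = "constructed-secret-123"  # constructed placeholder, not a real password


def argv_seen_by_others(pid):
    """Return the argument list that ps would show for pid.

    Assumption: Linux, where /proc/<pid>/cmdline is world-readable by default.
    """
    with open(f"/proc/{pid}/cmdline", "rb") as fh:
        return [a.decode() for a in fh.read().split(b"\0") if a]


def run_grep(args, haystack):
    """Start grep -c, snapshot its visible argv while it waits on stdin,
    then feed it the haystack. Returns (visible_argv, match_count)."""
    proc = subprocess.Popen(["grep", "-c"] + args, stdin=subprocess.PIPE,
                            stdout=subprocess.PIPE, text=True)
    visible = argv_seen_by_others(proc.pid)  # grep is blocked reading stdin
    out, _ = proc.communicate(haystack)
    return visible, int(out.strip())


def exposed(haystack):
    """Pattern on the command line, as in the quoted one-liner."""
    return run_grep([SECRET], haystack)


def hardened(haystack):
    """Pattern read with grep -F -f from a 0600 file; argv holds only a path."""
    fd, path = tempfile.mkstemp()  # mkstemp creates the file with mode 0600
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(SECRET + "\n")
        return run_grep(["-F", "-f", path], haystack)
    finally:
        os.unlink(path)


if __name__ == "__main__":
    data = "noise\nxx constructed-secret-123 yy\nmore noise\n"  # constructed
    for fn in (exposed, hardened):
        argv, count = fn(data)
        print(fn.__name__, "argv:", argv, "matches:", count)
```

Both calls find the same match; only the first leaves the secret where any local user running ps can read it.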