What reason should /dev/kmem not be world-readable?
John F. Haugh II
jfh at rpp386.Dallas.TX.US
Thu Nov 10 00:42:06 AEST 1988
In some long lost article, someone wrote:
>->In fact, when Mark Kampe came to the site to install some goodies
>->we used this marvelous program to watch his terminal session on
>->other tubes. It was better than a script program.
This can be very dangerous. Letting one of those run on a terminal
root or some other privileged user is likely to use could have nasty
results.
/dev/kmem should never be readable by regular users. ps and other
kernel pokers should run S(U|G)ID the owner of the device.
--
John F. Haugh II +----Make believe quote of the week----
VoiceNet: (214) 250-3311 Data: -6272 | Nancy Reagan on Artifical Trish:
InterNet: jfh at rpp386.Dallas.TX.US | "Just say `No, Honey'"
UucpNet : <backbone>!killer!rpp386!jfh +--------------------------------------
More information about the Comp.unix.wizards
mailing list