Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!giza.cis.ohio-state.edu!karl
From: karl@giza.cis.ohio-state.edu (Karl Kleinpaste)
Newsgroups: comp.sys.pyramid
Subject: Re: Should kmem be read to the world?
Message-ID: <KARL.89Jun26153707@giza.cis.ohio-state.edu>
Date: 26 Jun 89 19:37:07 GMT
References: <856@rex.cs.tulane.edu>
Sender: news@tut.cis.ohio-state.edu
Distribution: usa
Organization: Ohio State Computer Science
Lines: 14
In-reply-to: mb@rex.cs.tulane.edu's message of 26 Jun 89 18:47:19 GMT

mb@rex.cs.tulane.edu writes:
   We just noticed that w does not work.  It returns the message "no kmem".
   Should /dev/kmem be made readable to the world or will that cause
   security problems?

That will cause security problems; the intelligent cracker will learn
all kinds of fascinating things by reading /dev/kmem.

We define a group "devkmem" with no members, and then chgrp all memory
devices to this group, and in turn chgrp and chmod g+s all the
memory-reading programs (ps, w, top, etc) so that they retain their
well-behaved access.

--Karl