Path: utzoo!attcan!uunet!zephyr.ens.tek.com!uw-beaver!mit-eddie!bbn.com!orc!inews!kseshadr@quasar.intel.com
From: kseshadr@quasar.intel.com (Kishore Seshadri)
Newsgroups: comp.unix.questions
Subject: Re: Problems with permissions on sockets.
Message-ID: <2601@inews.intel.com>
Date: 27 Jul 90 15:15:50 GMT
References: <1990Jul26.102810.4816@hod.uit.no> <1990Jul27.003110.1699@athena.mit.edu>
Sender: news@inews.intel.com
Reply-To: kseshadr@quasar.intel.com (Kishore Seshadri)
Organization: Intel Corporation, Santa Clara, California
Lines: 22
In-reply-to: jik@athena.mit.edu (Jonathan I. Kamens)

In article <1990Jul27.003110.1699@athena.mit.edu>, jik@athena (Jonathan I. Kamens) writes:
>
>|> and reading either kmem or mem complained about it not working. 
>
>  As someone already pointed out, having /dev/kmem and /dev/mem
>world-readable is a serious security hole (i.e. "all bets are off"), and
>my guess is that someone at your site who is concerned about security
>changed the permissions on it.  As someone else has also already pointed
>out, systems which are concerned about security should make the
>permissions on /dev/kmem and /dev/mem 640, assign group kmem to them,
>and make all system programs (netstat, pstat, ps, etc.) setgid kmem.
>
I seem to remember that mail (of all things) breaks on Ultrix 2.2 when
world read permissions are turned off on /dev/mem and /dev/kmem. Does 
anyone remember if/why this happens and whether its been fixed in 3.1?

Kishore
 
===============================================================================
Kishore Seshadri (Speaking for myself)      Intel Corp., Santa Clara, CA
CSNET: kseshadr@mipos3.intel.com ARPA: kseshadr%mipos3.intel.com@relay.cs.net
UUCP:{amdcad,decwrl,hplabs,oliveb,pur-ee,qantel}!intelca!mipos3!kseshadr